Operational Technology Vulnerability Response release notes

  • Release version: Washingtondc
  • Updated July 23, 2024
  • 6 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Operational Technology Vulnerability Response Release Notes

    The ServiceNow® Operational Technology Vulnerability Response application enables prioritization of Operational Technology (OT) vulnerabilities at the site level. The Washington DC release enhances this application with new features designed to improve efficiency, tracking, and management of OT vulnerabilities.

    Show full answer Show less

    Key Features

    • Bulk Assignment Changes: Change the OT Vulnerability Response assignment group field for multiple site records simultaneously.
    • CSAF Support: Utilize the Common Security Advisory Framework (CSAF) for importing solutions from various vendors.
    • OT Vulnerability Remediation Owner Role: Assign this role to users for managing remediation tasks and creating change tasks as needed.
    • Automated Task Scheduling: Set start times for remediation tasks based on the ISA maintenance schedule.
    • Enhanced Dashboard: Access the new OT Vulnerabilities tab for centralized monitoring of vulnerability data.
    • Compensating Controls: Implement compensating controls in the Libraries module to manage unpatchable vulnerabilities.

    Key Outcomes

    With these updates, customers can expect improved management of OT vulnerabilities through streamlined processes, better tracking of remediation tasks, and enhanced visibility into vulnerability data. The new features support more efficient operations, enabling quicker responses to potential threats and risks associated with OT environments.

    The ServiceNow® Operational Technology Vulnerability Response application enables you to prioritize Operational Technology (OT) vulnerabilities at a site level. Operational Technology Vulnerability Response was enhanced and updated in the Washington DC release.

    Operational Technology Vulnerability Response highlights for the Washington DC release

    • Change the Operational Technology Vulnerability Response (OT VR) assignment group field for multiple site records at once.
    • Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
    • Manage remediation tasks more efficiently with the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role.
    • Mitigate controls using the Libraries module in the Industrial Workspace.
    • Use the enhanced OTVR (PA) dashboard.
    • Monitor your vulnerability data in a centralized location with the new OT Vulnerabilities tab that is available in the Industrial Workspace.
    • Track the volume, performance, and progress of OT vulnerable items (VIs) from the initial analysis and detection to the containment, or remediation, with the new Operational Technology Vulnerability Response (PA) dashboard in the Industrial Workspace.

    See Operational Technology Vulnerability Response for more information.

    Important:
    Operational Technology Vulnerability Response is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    New in the Washington DC release

    OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role
    Assign the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role to users who primarily work on an assigned remediation task and can create change tasks when needed. The OT Vulnerability Remediation Owner role contains the following roles:
    • cmdb_ot_isa_viewer
    • cmdb_ot_viewer
    • sn_vul.close_vi_vg
    • sn_vul.remediation_owner
    Automatically set a start time for a remediation task based on the ISA maintenance schedule
    Start a remediation task automatically based on the ISA maintenance schedule. After you create the remediation task, it’s picked up during the next scheduled maintenance.
    View unmapped devices and devices not assigned to a site in the OT Vulnerabilities tab of the OT Manager dashboard
    View the unmapped OT devices and OT devices that aren't assigned to a site in the No Site Assigned table included in the Vulnerability Risk widget.
    Common Security Advisory Framework (CSAF) supported for Operational Technology Vulnerability Response
    Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
    OTVR (PA) dashboard Guided Setup
    Use the OTVR (PA) dashboard Guided Setup under the Operational Technology Vulnerability Response section in the Industrial Workspace Guided Setup to configure data collection and review indicator sources.
    Change the Operational Technology Vulnerability Response (OT VR) assignment group field in a bulk edit
    Use the bulk edit feature to update the OT VR assignment group field in multiple site records at once.
    Use compensating controls for Operational Technology
    Use compensating controls for OT to reduce vulnerability risks that can't be patched immediately. Compensating controls help mitigate risks.
    OT Vulnerabilities tab
    Track your OT vulnerability data with multi-site and business unit filtering by using the OT Vulnerabilities tab in the Industrial Workspace. This tab now runs in Performance Analytics.
    Implementing multi-site and business unit filtering in the OT Vulnerabilities tab
    Filter the data based on the specific business units and sites by using the business unit and site filters in the OT Vulnerabilities tab.
    Operational Technology Vulnerability Response (PA) dashboard
    Track the volume, performance, and progress of the OT vulnerable items (VIs) from the initial analysis and detection to the containment, or remediation, for a VI by using the Operational Technology Vulnerability Response (PA) dashboard.

    UI changes

    Libraries module in the Industrial Workspace
    You can use the Library module in the Industrial Workspace to perform the following functions:
    • Enable compensating controls
    • Associate compensating control to a Common Vulnerability and Exposure (CVE)
    • Disable risk reduction on a CVE
    These functions help reduce the risk posed by vulnerabilities that can't be addressed immediately. The Libraries module includes the CVEs list and the Compensating Controls list.
    Vulnerable items by state chart in the OT Vulnerabilities tab on the OT Manager dashboard
    The Vulnerable items by state chart in the OT Vulnerabilities tab is organized sequentially by state.
    OTVR (PA) dashboard updates
    The OTVR (PA) dashboard was updated with the following features:
    • You can now view data in the OT VIs Met Remediation Target and the OT VI Mean Time to Remediate (MTTR) widgets by the following time frames:
      • The last month
      • The last 3 months
      • The last 6 months
      • The last year
      • All time
    • The OT Remediation Tasks and OT Critical Remediation Tasks Near Due widgets were moved under the Remediation tab.
    • The OT Unassigned Vulnerable Items widget was moved under the Overview tab.
    • You can select the OT Vulnerable Items (VI) widget under the Overview tab to open a list of vulnerable items.
    • The OT Vulnerable Items (VI) and OT Vulnerable Configuration Items (CI) widgets show an OT class-level breakdown.
    Support for Exception Management for remediation tasks in the Industrial Workspace
    Use Exception Management for remediation tasks to defer vulnerable items. You can defer a remediation task by selecting the Request Exception button in a remediation record in the Industrial Workspace.
    OT Vulnerabilities tab
    The OT Vulnerabilities tab was added to the Industrial Workspace and the following enhancements were made:
    • The Vulnerability risk table shows the equipment model hierarchy in the correct number order.
    • The Vulnerable items by state graph shows the states in the following sequential order:
      • Open
      • Under investigation
      • In review
      • Awaiting implementation
      • Resolved
    Dashboard icon
    The dashboard Dashboard icon in the Industrial Workspace. icon was added to the Industrial Workspace to access the Operational Technology Vulnerability Response (PA) dashboard.
    Work notes for vulnerable items and remediation tasks
    The work notes and comments for vulnerable items and remediation tasks were added in the Industrial Workspace. You can do these tasks as a Remediation Owner.
    OT Vulnerable Items lists
    The following lists under the OT Vulnerable Items module in the Industrial Workspace list view were changed:
    • My Requests was renamed to My Exception Requests.
    • The My Exception Requests list now contains the site context.
    • The Approval state column now includes the Rejected approval state.

    Changed in this release

    New Industrial Workspace experience
    The OT Manager dashboard in the Industrial Workspace was split up into the following tabs so that you can separately monitor your OT device data and OT vulnerability data:
    • OT Devices tab
    • OT Vulnerabilities tab

    Activation information

    Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Related ServiceNow applications and features

    CMDB CI Class Models store app
    The CMDB CI Class Models store app adds class models that extend the CMDB class hierarchy, including class descriptions, identification rules, identifier entries, and dependent relationships.
    Vulnerability Response
    When integrated with Operational Technology Vulnerability Response, the ServiceNow® Vulnerability Response application aids you in prioritizing and resolving OT vulnerabilities based on process criticality.
    Operational Technology Manager
    ServiceNow® Operational Technology Manager enables you to aggregate OT device data from multiple sources so that you can build the foundational data relationships used in the Industrial solution.
    Industrial Process Manager
    Use the ServiceNow® Industrial Process Manager application to create the ISA-95 Equipment Model data foundation that is required for the ServiceNow® Industrial solution, enabling you to create your own version of the equipment models in each of your industrial solution sites.