Patch orchestration with the Vulnerability Response Workspaces

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Patch Orchestration with the Vulnerability Response Workspaces

    Patch orchestration with the Vulnerability Response application enables management of patches and patch deployments for critical vulnerabilities across large asset groups. This functionality is available in both the classic environment and Vulnerability Response workspaces, allowing for effective monitoring and response to vulnerabilities through scheduled imports from third-party integrations and vendors.

    Show full answer Show less

    Key Features

    • Integration with third-party patch vendors and vulnerability scanners for streamlined patch management.
    • Correlated data visibility in both classic and workspace environments.
    • Access to patch orchestration data through the ServiceNow® Store, with certain applications requiring separate subscriptions.
    • Role-based access, requiring specific roles for users to view and schedule patches based on the integrations being used.

    Key Outcomes

    With patch orchestration, users can:

    • View patch data in the IT Remediation Workspace, including scorecards for preferred solutions and vulnerable items.
    • Schedule patches directly from various records such as Patch Update (VPU), Remediation task (RT), and Discovered Item (SDI).
    • Access patch information in the Vulnerability Manager Workspace, including preferred and potential patches along with scheduled dates.

    This orchestration enhances security posture by ensuring timely patch deployments, thereby reducing vulnerability exposure across the organization.

    You can manage patches and patch deployments for critical vulnerabilities for large groups of your assets with Patch orchestration with Vulnerability Response.

    Patch orchestration in the Workspaces

    Patch orchestration with the Vulnerability Response application uses scheduled imports from third-party solution integrations, patch vendors, and vulnerability scanners.

    Patch orchestration with the Vulnerability Response application is supported in both the classic environment and the Vulnerability Response workspaces. Correlated data is rolled up and displayed in both the workspaces and the classic environment. For an overview about the features, requirements, and information about patch orchestration in the classic environment, see Patch orchestration with Vulnerability Response.

    Available versions of applications and dependencies required for the patch orchestration integration

    To view patch Orchestration data and available updates (patches) in the workspaces in Vulnerability Response, the following applications are required. All applications listed are available in the ServiceNow® Store. Some applications require separate subscriptions. See Patch orchestration with Vulnerability Response.

    Roles required

    In addition to the sn_vul.vulnerability_analyst or sn_vul.vulnerability_admin roles required for the Vulnerability Response Workspaces, users need roles that are specific to the patch orchestration integrations you are using to view data and schedule patches. See the following supported integrations for more information about these roles.

    See Understanding the HCL BigFix patch orchestration integration with Vulnerability Response and Understanding the Vulnerability Response patch orchestration integration with Microsoft SCCM.

    Patch data in the Vulnerability Response Workspaces

    In the IT Remediation Workspace, you can view patch data in the workspaces:

    • On the Home view, click scorecards to view records for Preferred solutions on VIs, Vulnerable CIs, and Preferred Patches on VIs.
    • On the List view, view all the Patch Update records (VPUs) and the vulnerable items that are assigned to you that have patches from the available links.

    You can schedule patches from the following records:

    • Patch Update (VPU)
    • Remediation task (RT)
    • Discovered Item (SDI)

    In the Vulnerability Manager Workspace, you can view patches:

    • From the Home view on watch topics on the Vulnerable Items tab, you can view preferred and potential patches, Patch scheduled dates, and other information.
    • From the List view on remediation effort records, you can view patch data on VIT records on the Vulnerable Items tab.