Understanding the Microsoft Security Response Center Solution Integration
Summarize
Summary of Understanding the Microsoft Security Response Center Solution Integration
The Microsoft Security Response Center Solution Integration is part of the Vulnerability Solution Management feature within Vulnerability Response, requiring a separate subscription. This integration enables customers to review and implement remediation solutions for security vulnerabilities affecting Microsoft products and services. It facilitates a streamlined approach to managing security risks by providing known remediations and automating the vulnerability remediation lifecycle through scheduled jobs.
Show less
Key Features
- Scheduled Jobs: Automates the synchronization of your instance with other vulnerability management systems, ensuring timely updates and actions.
- Run-As User: Each integration record has a configured run-as user (default: VR.System) that should not be altered.
- Role Management: Various roles are available, including vulnerabilityadmin, vulnerabilitywrite, and remediationowner, to control access and permissions within the Vulnerability Response application.
- Integration Access: Access the Microsoft Security Response Center Solution Integration via All > Vulnerability Response > Administration > Integrations.
- Solution Retrieval: Collects solutions and NVD mappings to associate solutions with vulnerabilities and remediation tasks. Note that it does not provide solutions prior to 2016.
Key Outcomes
By implementing the Microsoft Security Response Center Solution Integration, ServiceNow customers can effectively manage security vulnerabilities, streamline remediation processes, and maintain compliance with security standards. Users can expect automated updates, detailed access control, and a comprehensive view of available solutions for vulnerabilities. To maximize effectiveness, ensure you have the latest version of Vulnerability Response and follow the provided guidelines for installation and configuration.
Review and implement proposed remediation solutions provided by the Microsoft Security Response Center Solution Integration.
Microsoft Security Response Center Solution Integration is included in the Vulnerability Solution Management feature of Vulnerability Response, available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.
Microsoft Security Response Center investigates reports of security vulnerabilities affecting Microsoft products and services, and provides solution information to help manage security risks. Solutions are known remediations imported into your Microsoft Security Response Center Solution Integration from the Microsoft Security Response Center product.
The Microsoft Security Response Center Solution Integration contains entry points to Microsoft Security Response Center product, invoked as scheduled jobs. Scheduled jobs simplify the vulnerability remediation lifecycle by keeping the instance synchronized with other vulnerability management systems. Scheduled jobs run automatically and in the order specified. You can also execute individual scheduled jobs manually.
There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.
Available versions
For the most current version of Vulnerability Solution Management and Microsoft Security Response Center solutions, verify you have the most current version of Vulnerability Response installed.
For more information about installing and configuring Vulnerability Solution Management and solution integrations, see Install the Solution Management for Vulnerability Response application and Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant.
| Release version of Vulnerability Response | Version of Vulnerability Solution Management | Release Notes |
|---|---|---|
Vulnerability Response v15.0 |
v10.3 |
For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes |
Roles
- sn_vul.vulnerability_admin or sn_vul.admin (deprecated): Can read, write, and delete records.
- sn_vul.vulnerability_write: Can read and write records.
- sn_vul.vulnerability.read: Can read records.
- sn_vul.remediation_owner: Can read and write internal notes on records assigned to the remediation specialist group or individual. (Contained in the itil role.)
Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.
Microsoft Security Response Center Solution Integration
To view the Microsoft Security Response Center Solution Integration, navigate to .
The following integration is included in the base system.
| Integration | Description |
|---|---|
| Microsoft Security Response Center Solution Integration | Retrieves solutions and National Vulnerability Database (NVD) mapping to associate
solutions with vulnerabilities, vulnerable items, and remediation tasks. Note: The Microsoft Security Response Center Solution Integration does not provide solutions prior to
2016. |
Solutions
To view imported solutions in a list, see View a solution.