Integrations and dependencies of the Vulnerability Response Patch Orchestration with the Microsoft SCCM application

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Integrations and Dependencies of the Vulnerability Response Patch Orchestration with Microsoft SCCM

    The Vulnerability Response Patch Orchestration integrates with Microsoft System Center Configuration Manager (SCCM) to streamline patch management. This integration requires specific applications and dependencies available in the ServiceNow® Store, enabling customers to effectively manage vulnerabilities and their resolutions.

    Show full answer Show less

    Key Features

    • Required Applications: Applications necessary for the integration include Vulnerability Response, Vulnerability Solution Management, and the Vulnerability Response Patch Orchestration with Microsoft SCCM application. Subscription may be needed for some applications.
    • Integration Tables: Key tables in the Patch Orchestration application include:
      • Patch Update: Stores patch availability information.
      • Device Update: Tracks deployed patches and their statuses.
      • Collection: Holds data on collections from various instances.
      • Device Collection: Contains information on discovered item collections.
      • Patch Deployment: Details on deployed patches related to collections and CIs.
      • Potential Patch: Identifies patches that may resolve specific vulnerabilities.
    • Integrations: The integration includes several scheduled processes:
      • Microsoft SCCM Collection Integration: Daily retrieval of device collections from SCCM.
      • Microsoft SCCM Device Collection Integration: Fetches devices under collections, can run on-demand.
      • Microsoft SCCM Patch Update Integration: Retrieves information on installed or missing patches, can run on-demand.
      • Microsoft SCCM Deployments Integration: Provides details on scheduled patches by the IT team, can run on-demand.

    Key Outcomes

    By leveraging the Vulnerability Response Patch Orchestration with Microsoft SCCM, customers can efficiently manage vulnerabilities and automate patch deployment processes. This integration enhances visibility into patch statuses and simplifies the overall vulnerability management workflow, leading to improved security posture and compliance.

    The following product and dependency applications are required for the Vulnerability Response Patch Orchestration with Microsoft System Center Configuration Manager (SCCM) integration. These applications are available in the ServiceNow® Store

    Available versions of applications and dependencies required for the patch orchestration integration

    To view patch orchestration data and available updates (patches) in the workspaces and the classic UI in Vulnerability Response, the following applications are required. All applications listed are available in the ServiceNow® Store. Some applications require separate subscriptions.

    For more information about version compatibility with the required applications and family releases, refer to the KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes article in the HI Knowledge Base.

    Application and release version
    Vulnerability Response
    Vulnerability Solution Management
    Vulnerability Response Patch Orchestration application
    Vulnerability Response Patch Orchestration with Microsoft SCCM application
    Security Support Common
    Security Support Orchestration
    Service Graph connector with SCCM

    Vulnerability Response patch orchestration application tables

    The Vulnerability Response Patch Orchestration application contains the following tables:

    Table Description
    Patch Update [sn_vul_patch_orch_update] Stores information about the patches that are available on distinct instances.
    Device Update [sn_vul_patch_orch_m2m_src_ci_update] Stores data about the deployed patches, along with deployment status, that are on displayed on discovered item records.
    Collection [sn_vul_patch_orch_collection] Stores collection data from distinct instances.
    Device Collection [sn_vul_patch_orch_m2m_src_ci_collection] Stores collections data about discovered items.
    Patch Deployment [sn_vul_patch_orch_deployment] Stores information about deployed patches about Collections and CIs.
    Potential Patch [sn_vul_patch_orch_m2m_vuln_patch] Stores data about patches and vulnerabilities that identify the patches that might be used to resolve a vulnerability.

    Vulnerability Response Patch Orchestration with Microsoft SCCM integrations

    The integrations developed by ServiceNow® engineering make up the orchestrated solution deployment with the Microsoft SCCM product. The following integrations are included with the Microsoft SCCM Patch Orchestration Integration application that you download from the ServiceNow® Store.

    After you install the integration application on your ServiceNow AI Platform instance, to view these integrations, navigate to Integrations > SCCM Patch Orchestration Integration > Integrations. The Vulnerability Response application processes data on scheduled time intervals imported by these integrations with Microsoft SCCM endpoints.

    Integration Description
    Microsoft SCCM Collection Integration
    • This integration is scheduled to run daily and runs first in the chained integration run.
    • Retrieves the device collections from the SCCM Collections.
    Microsoft SCCM Device Collection Integration
    • When scheduled, this integration is triggered by the completion of the SCCM Collection Integration. You can also run it on-demand.
    • This integration fetches the devices under each collection. This integration creates records in the discovered items table and Device Collection table.
    Microsoft SCCM Patch Update Integration
    • When scheduled, this integration is triggered by the completion of the SCCM Device Collection Integration. You can also run it on-demand.
    • Retrieves information from the SCCM server about the Patches that are either installed or missing on devices (assets).
    Microsoft SCCM Deployments Integration
    • When scheduled, this integration is triggered by the completion of the Patch Update Integration. You can also run it on-demand.
    • Retrieves information about the patches scheduled by the IT team in the SCCM server.