Operational Technology Vulnerability Response release notes
The ServiceNow® Operational Technology Vulnerability Response application enables you to prioritize Operational Technology (OT) vulnerabilities at a site level. Operational Technology Vulnerability Response was enhanced and updated in the Xanadu release.
Operational Technology Vulnerability Response highlights for the Xanadu release
- Assess the vulnerabilities for the firmware of the OT assets with Hardware Vulnerability Assessment.
- View solutions or details of a vulnerable item (VIT) with enhanced UI options.
- Manage your vulnerable items and Operational Technology Vulnerability Response data with the enhanced OTVR (PA) dashboard in the Industrial Workspace.
- View the risk score of your OT devices at each level of the equipment model with the OT Vulnerability Risk Rollup dashboard.
- Change the Operational Technology Vulnerability Response (OT VR) assignment group field for multiple site records at once.
- Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
- Manage remediation tasks more efficiently with the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role.
- Mitigate controls using the Libraries module in the Industrial Workspace.
- Use the enhanced OTVR (PA) dashboard.
See Operational Technology Vulnerability Response for more information.
Important:
Operational Technology Vulnerability Response is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.
New in the Xanadu release
- Hardware Vulnerability Assessment menu in the Industrial Workspace
- Automatically and periodically assess the OT device firmware vulnerabilities that are in your inventory and create vulnerable items against the impacted assets (CI).
- Risk scores on the OT Vulnerability Risk Rollup dashboard
- View a table of risk scores for your OT devices at each level of the equipment model with the OT Vulnerability Risk Rollup dashboard.
- Enhanced OTVR (PA) dashboard experience
- View and manage all of your OT vulnerability data and data visualizations in a centralized location with the enhanced OTVR (PA) dashboard, which is accessible on the Dashboard Library page.
- OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role
- Assign the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role to users who primarily work on an assigned remediation task and can create change tasks when needed. The OT Vulnerability Remediation Owner role
contains the following roles:
- cmdb_ot_isa_viewer
- cmdb_ot_viewer
- sn_vul.close_vi_vg
- sn_vul.remediation_owner
- Automatically set a start time for a remediation task based on the ISA maintenance schedule
- Start a remediation task automatically based on the ISA maintenance schedule. After you create the remediation task, it’s picked up during the next scheduled maintenance.
- Common Security Advisory Framework (CSAF) supported for Operational Technology Vulnerability Response
- Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
- OTVR (PA) dashboard Guided Setup
- Use the OTVR (PA) dashboard Guided Setup under the Operational Technology Vulnerability Response section in the Industrial Workspace Guided Setup to configure data collection and review indicator sources.
- Change the Operational Technology Vulnerability Response (OT VR) assignment group field in a bulk edit
- Use the bulk edit feature to update the OT VR assignment group field in multiple site records at once.
- Use compensating controls for Operational Technology
- Use compensating controls for OT to reduce vulnerability risks that can't be patched immediately. Compensating controls help mitigate risks.
UI changes
- Dashboard Library icon
- The Dashboard Library icon (
) was added to the Industrial Workspace and contains the available dashboards for Operational Technology, including the OTVR (PA) dashboard. - Site filter on the OTVR (PA) dashboard and the OT Vulnerability Risk Rollup dashboard
- A site filter was added to both the OTVR (PA) dashboard and the OT Vulnerability Risk Rollup dashboard in the Industrial Workspace so you can filter the displayed data by a chosen site.
- Vulnerability Solutions section in the List menu of Industrial Workspace
- A new Vulnerability Solutions section was added in the List menu (
) of the Industrial Workspace. In the Solutions section, you can view the solutions for the enlisted VITs. - Overview tab for a vulnerable item
- The Overview tab in a VIT provides important information about the VIT, such as State, Risk Rating, Risk Score, Associated Vulnerability, and more.
- Libraries module in the Industrial Workspace
- You can use the Library module in the Industrial Workspace to perform the following functions:
- Enable compensating controls
- Associate compensating control to a Common Vulnerability and Exposure (CVE)
- Disable risk reduction on a CVE
- Vulnerable items by state chart in the OT Vulnerabilities tab on the OTVR (PA) dashboard
- The Vulnerable items by state chart in the OT Vulnerabilities tab is organized sequentially by state.
- OTVR (PA) dashboard updates
- The OTVR (PA) dashboard was updated with the following features:
- You can now view data in the OT VIs Met Remediation Target and the OT VI Mean Time to Remediate (MTTR) widgets by the following time frames:
- The last month
- The last 3 months
- The last 6 months
- The last year
- All time
- The OT Remediation Tasks and OT Critical Remediation Tasks Near Due widgets were moved under the Remediation tab.
- The OT Unassigned Vulnerable Items widget was moved under the Overview tab.
- You can select the OT Vulnerable Items (VI) widget under the Overview tab to open a list of vulnerable items.
- The OT Vulnerable Items (VI) and OT Vulnerable Configuration Items (CI) widgets show an OT class-level breakdown.
- You can now view data in the OT VIs Met Remediation Target and the OT VI Mean Time to Remediate (MTTR) widgets by the following time frames:
- Support for Exception Management for remediation tasks in the Industrial Workspace
- Use Exception Management for remediation tasks to defer vulnerable items. You can defer a remediation task by selecting the Request Exception button in a remediation record in the Industrial Workspace.
Changed in this release
- OT Vulnerabilities tab data
- The following data that was available in the OT Vulnerabilities tab of the OT Manager dashboard has been moved to the OTVR (PA) dashboard:
- Total OT Vulnerable Items
- New OT Vulnerable Items
- OT Unassigned Vulnerable Items
- OT Vulnerable Items by State
- OT Vulnerable Items by Risk Rating
Deprecations
- The OT Vulnerabilities tab is no longer available on the OT Manager dashboard in the Industrial Workspace.
- Starting with the Xanadu release, Vulnerability Response Integration with Microsoft Defender for IoT (On-premises Management Console) integration is being prepared for future deprecation. It will be hidden and no longer activated on new instances but will continue to be supported.
Activation information
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.