Configure OT vulnerability risk rollup calculator
Use the OT vulnerability risk rollup calculator to calculate the risk score of the OT devices at each level of the equipment model. The overall risk score is rolled up to the parent equipment model entity.
Before you begin
- Calculate the risk score for all the equipment model entities by executing the scheduled job.Note:The risk score calculation for all the equipment model entities is only for the subsequent run of the daily schedule job.
- Check that the Service Populator column in the Equipment Model Entities list is set to OTDynamicManualServicePopulator by navigating to . If it's set to other values, you must execute the Update ISA entity service populator on-demand job:
- Navigate to .
- Select the Update ISA entity service populator job.
- Select Execute Now.
Note:If you don't see the Service Populator column in the Equipment Model Entities list, you can add it by personalizing the list. For more information, see Personalize a list. - Role required: sn_vul.vulnerability_admin
About this task
For this step, refer to the Vulnerability Rollup Calculators with OT vulnerability calculator shipped with the Operational Technology Vulnerability Response application demo data.
For more information, see Vulnerability Response Rollup Calculators.
To calculate the risk score for the equipment model entity, set up the weights for
these fields:
- Maximum risk score of the Vulnerable Items (VITs) associated to the equipment model entity.
- Average risk score of the VITs associated to the equipment model entity.
- Number of vulnerable items per equipment model entity.
Procedure
- Navigate to .
- From the Vulnerability Rollup Calculators list, select Equipment Model Entity Rollup.
- If required, in the Rollup Weights section, update the weight for each criterion.
- Select Update.
What to do next
Now, you can calculate the risk associated at a level for your equipment model entities.
- Calculate the risk rollup for all equipment model entities:
- Navigate to .
- Select Operational Technology Vulnerability Response.
- In the Risk roll up calculation section, select the Risk roll-up configuration task.
- Select Configure.
- Follow the steps described in the Guided Setup.
- Configure the Risk Rollup for VITs by Equipment Model Entity scheduled job:
- Navigate to .
- Select Operational Technology Vulnerability Response.
- In the Risk roll up calculation section, select the Daily Schedule job for risk roll up task.
- Select Configure.
- Follow the steps described in the Guided Setup.Note:By default, the job is set to run daily. You can change this to fit your business needs by editing the Run, Time zone, and Time fields.
- Configure the entities for risk score roll-up:
- Navigate to .
- Select Operational Technology Vulnerability Response.
- In the Risk roll up calculation section, select the Set All Entities for Risk score Roll-Up Job task.
- Select Configure.
- Follow the steps described in the Guided Setup.
- To avoid getting the wrong risk score and rating for remediation tasks, change the Table field in the OT Devices with No sites Assigned Rollup record:
- Navigate to .
- In the Run script field, add the following script.
var gr = new GlideRecord('sn_vul_rollup'); gr.get('sys_id','24973dc4939e42900b1566f4548918eb'); gr.table = 'sn_ot_metric'; gr.update(); - Select Run script.
- To check the value of the Table field in the OT Devices with No sites Assigned Rollup record and run the scheduled job, navigate to .
- Select the OT Devices with No sites Assigned Rollup record.
- Ensure that the Table field is set to OT Metric [sn_ot_metric].
- Run the scheduled job.
After running the job, the correct VIT risk scores and ratings are rolled up to the remediation tasks.