Using Operational Technology Vulnerability Response

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using Operational Technology Vulnerability Response

    The Operational Technology Vulnerability Response (OTVR) application, accessible via the Industrial Workspace, enables you to manage vulnerabilities in OT environments effectively. Once setup tasks like importing vulnerable items from third-party integrations are complete, you can track, assess, and remediate vulnerabilities across your OT devices and equipment models.

    Show full answer Show less

    Key Features

    • OTVR (PA) Dashboard: Provides insights into vulnerable items' volume, performance, and progress from detection to remediation. It supports filtering by assignment groups, exploits, risk ratings, or state to analyze vulnerability exposure and affected services.
    • OT Vulnerability Risk Rollup Dashboard: Displays risk scores in two tables—one for equipment models and another for OT devices without assigned sites—helping prioritize risk management.
    • List Menu: Offers views of OT Vulnerable Item records and remediation tasks assigned to you or your groups. It includes access to exception requests, including rejected ones, and enables reviewing detailed activity histories and adding comments or work notes.
    • Equipment Model Manager: Allows viewing OT vulnerable items and creating remediation tasks linked to equipment model entities.
    • Hardware Vulnerability Assessment: Manages vulnerability assessments for OT device firmware, categorizing them into fully matched, partially matched, vulnerable, ignored, or awaiting normalization assessments.
    • Remediation Task Management: Enables creation, viewing, splitting, scheduling (using equipment model entity schedules), and deferral of remediation tasks, with deferred tasks generating exception requests for later resolution.
    • Vulnerability Exceptions: Facilitates requesting OT Admins to mark vulnerable items as exceptions, helping manage items that might not be immediately remediated.
    • Compensating Controls: Supports documenting and managing alternative security measures when immediate patching of vulnerabilities is not possible.

    Key Outcomes

    Using OTVR, ServiceNow customers can efficiently monitor and manage OT vulnerabilities, streamline remediation efforts, and maintain comprehensive visibility into risk exposure. This approach enhances security posture by enabling prioritization based on risk scores, tracking remediation progress, and handling exceptions and compensating controls when timely patching is not feasible. The integration within the Industrial Workspace ensures a centralized, contextualized experience for OT vulnerability management.

    After you complete all required set up tasks, including importing vulnerable items from a third-party integration, you can use the Operational Technology Vulnerability Response application from the Industrial Workspace.

    Industrial Workspace

    To use Operational Technology Vulnerability Response, access the following landing page and menus from the Industrial Workspace.

    For more information on the Industrial Workspace, see Industrial Workspace.

    OTVR (PA) dashboard in the Industrial Workspace

    Use the OTVR (PA) dashboard to track the volume, performance, and progress of your vulnerable items from the initial analysis and detection to the containment, or remediation. You can filter the reports by the assignment group, exploits, risk rating, or state to get insight into your vulnerability exposure and the services that are affected.

    For more information about the OTVR (PA) dashboard, see Operational Technology Vulnerability Response (PA) dashboard

    OT Vulnerability Risk Rollup dashboard overview

    The Operational Technology (OT) Vulnerability Risk Rollup dashboard contains two tables for your vulnerability risk scores.
    • Vulnerability risk table for your equipment model entities
    • Vulnerability risk table for OT devices with no site assigned

    List menu

    Use the List menu to view all OT Vulnerable Item records that you have access to and remediation tasks that have either been assigned to you or to an assignment group that you are a member of.
    • OT Remediation Tasks
      • Assigned to me
      • Assigned to my groups
    • OT Vulnerable Items
      • Assigned to me
      • Assigned to my groups
      • My Exception Requests
      • All Exceptions
        Note:
        The All Exceptions list also shows exceptions with a Rejected state.

    Navigate to records under the OT Remediation Tasks or OT Vulnerable Items list menus to get more OT-related context. To view the history of the record, you can view the Activity window in the record where various work notes, comments, and record updates are captured. You can also add new comments or work notes in the Compose window.

    For more information about remediation tasks, see Create a remediation task.

    For more information on how to use the List view in the Industrial Workspace for Operational Technology Vulnerability Response, see Use the List view in the IT Remediation Workspace.

    Equipment model menu

    Use the Equipment Model Manager to view OT vulnerable items, and view and create remediation tasks associated with OT devices that are mapped to an equipment model entity.

    Hardware Vulnerability Assessment

    Use the Hardware Vulnerability Assessment menu to view and manage the vulnerabilities assessments that have performed on the firmwares of the OT devices in the inventory.

    Use the following tabs in the Hardware Vulnerability Assessment menu to view all the assessments records and the vulnerable items that are created automatically:
    • Fully matched assessments
    • Partially matched assessments
    • Vulnerable items
    • Ignored assessments
    • Awaiting Normalization