Consolidated page of all release notes for Operational Technology Vulnerability Response from Washington DC to Zurich.
How to use this page
To help you prepare for your upgrade, we have combined the cross-family Operational Technology Vulnerability Response release notes onto one page. Read this summary of the new features, changes, and updated information for your product from Washington DC to Zurich.
Tip: If there were no updates for a release notes section in a certain family release, we included a short note for your reference. For example, if a product did not have any updates in Tokyo, the row says "No updates for this release."
Important information for upgrading Operational Technology Vulnerability Response to Zurich
Before you upgrade to Zurich, review these pre- and post-upgrade tasks and complete the tasks as needed.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
No updates for this release. |
New features
Between your current release family and Zurich, new features were introduced for Operational Technology Vulnerability Response.
| Release |
Release notes |
Washington DC |
|
Xanadu |
|
Yokohama |
- Configuring Operational Technology Vulnerability Response from the SEM Workspace
- Starting from Operational Technology Vulnerability Response version 30.0.x, users may be redirected to the Unified Security Exposure Management (USEM) Workspace to perform some configuration tasks. The Vulnerability Response plugin is consolidated under USEM from version 30.0.x.
- Demo data not required for Operational Technology Risk Calculator plugin
- You can directly access and use the Operational Technology Vulnerability Response Risk Calculator without loading the demo data while installing the plugin. In previous releases, the risk calculation was included as part of the demo data.
- Enhanced features for Hardware Vulnerability Assessment for OT devices
- The following enhancements are available in Hardware Vulnerability Assessment:
- Assessments without Normalization: Ability to assess discovery models without content available for normalization.
- Confidence Scores: New scoring mechanism for all types of assessments.
- Version Range Support: The range information provided by the National Vulnerability Database (NVD) is used to create assessments without explicitly creating Common Platform Enumeration (CPEs) in the NVD.
- Partial assessment for partially normalized discovery model: Creates partial assessments for discovery models without firmware version. The partial assessments are done if the other versions of the discovery model have
the same publisher and model.
- Expiring of assessments: If you update the firmware version of a CI, the corresponding normalized discovery model also updates. The assessment records based on the older firmware version expires while new assessments
are generated for new firmware version.
- Hardware Vulnerability Assessment menu in the Industrial Workspace
- Automatically and periodically assess the OT device firmware vulnerabilities that are in your inventory and create vulnerable items against the impacted assets (CI).
- Vulnerability risk scores on the OT Risk Management dashboard
- View a table of vulnerability risk scores for your OT devices at each level of the equipment model with the OT Risk Management dashboard.
- Enhanced OTVR (PA) dashboard experience
- View and manage all of your OT vulnerability data and data visualizations in a centralized location with the enhanced OTVR (PA) dashboard, which is accessible on the Dashboard Library page.
|
Zurich |
- Configuring Operational Technology Vulnerability Response from the SEM Workspace
- Starting from Operational Technology Vulnerability Response version 30.0.x, users may be redirected to the Unified Security Exposure Management (USEM) Workspace to perform some configuration tasks. The Vulnerability Response plugin is consolidated under USEM from version 30.0.x.
- Demo data not required for Operational Technology Risk Calculator plugin
- You can directly access and use the Operational Technology Vulnerability Response Risk Calculator without loading the demo data while installing the plugin. In previous releases, the risk calculation was included as part of the demo data.
- Enhanced features for Hardware Vulnerability Assessment for OT devices
- The following enhancements are available in Hardware Vulnerability Assessment:
- Assessments without Normalization: Ability to assess discovery models without content available for normalization.
- Confidence Scores: New scoring mechanism for all types of assessments.
- Version Range Support: The range information provided by the National Vulnerability Database (NVD) is used to create assessments without explicitly creating Common Platform Enumeration (CPEs) in the NVD.
- Partial assessment for partially normalized discovery model: Creates partial assessments for discovery models without firmware version. The partial assessments are done if the other versions of the discovery model have
the same publisher and model.
- Expiring of assessments: If you update the firmware version of a CI, the corresponding normalized discovery model also updates. The assessment records based on the older firmware version expires while new assessments
are generated for new firmware version.
- Vulnerability risk scores on the OT Risk Management dashboard
- View a table of vulnerability risk scores for your OT devices at each level of the equipment model with the OT Risk Management dashboard.
|
Changes
Between your current release family and Zurich, some changes were made to existing Operational Technology Vulnerability Response features.
| Release |
Release notes |
Washington DC |
- New Industrial
Workspace experience
- The OT Manager dashboard in the Industrial
Workspace was split up into the following tabs so that you can separately monitor your OT device data and OT vulnerability data:
- OT Devices tab
- OT Vulnerabilities tab
|
Xanadu |
- OT Vulnerabilities tab data
- The following data that was available in the OT Vulnerabilities tab of the OT Manager dashboard has been moved to the OTVR (PA) dashboard:
- Total OT Vulnerable Items
- New OT Vulnerable Items
- OT Unassigned Vulnerable Items
- OT Vulnerable Items by State
- OT Vulnerable Items by Risk Rating
|
Yokohama |
- OT Vulnerabilities tab data
- The following data that was available in the OT Vulnerabilities tab of the OT Manager dashboard has been moved to the OTVR (PA) dashboard:
- Total OT Vulnerable Items
- New OT Vulnerable Items
- OT Unassigned Vulnerable Items
- OT Vulnerable Items by State
- OT Vulnerable Items by Risk Rating
|
Zurich |
No updates for this release. |
Removed
Between your current release family and Zurich, some Operational Technology Vulnerability Response features or functionality were removed.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
No updates for this release. |
Deprecations
Between your current release family and Zurich, some Operational Technology Vulnerability Response features or functionality were deprecated.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
- The OT Vulnerabilities tab is no longer available on the OT Manager dashboard in the Industrial Workspace.
- Starting with the Xanadu release, Vulnerability Response Integration with Microsoft Defender for IoT (On-premises Management Console) integration is being prepared for future deprecation. It will
be hidden and no longer activated on new instances but will continue to be supported.
|
Yokohama |
- The OT Vulnerabilities tab is no longer available on the OT Manager dashboard in the Industrial Workspace.
- Starting with the Yokohama release, Vulnerability Response Integration with Microsoft Defender for IoT (On-premises Management Console) integration is being prepared for future deprecation. It will
be hidden and no longer activated on new instances but will continue to be supported.
|
Zurich |
No updates for this release. |
Activation information
Review information on how to activate Operational Technology Vulnerability Response.
| Release |
Release notes |
Washington DC |
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Xanadu |
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Yokohama |
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Zurich |
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Additional requirements
If any additional requirements were introduced or changed for Operational Technology Vulnerability Response we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
No updates for this release. |
Browser requirements
If any specific browser requirements were introduced or changed for Operational Technology Vulnerability Response we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
No updates for this release. |
Accessibility information
Review details on accessibility information for Operational Technology Vulnerability Response, such as specific requirements or compliance levels.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
- Coral theme
- Coral is now the default theme for new portal, web, and mobile experiences with Next Experience or Core UI enabled. This theme provides a fresh look and feel, featuring brand-neutral illustrations to enhance your user experience. A dark theme option is available for web and mobile experiences.
|
Localization information
If there are specific localization considerations for Operational Technology Vulnerability Response we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Yokohama |
No updates for this release. |
Zurich |
No updates for this release. |
Highlight information
If there are specific highlight considerations for Operational Technology Vulnerability Response we have noted them here.
| Release |
Release notes |
Washington DC |
- Change the Operational Technology Vulnerability Response (OT VR) assignment group field for multiple site records at once.
- Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
- Manage remediation tasks more efficiently with the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role.
- Mitigate controls using the Libraries module in the Industrial Workspace.
- Use the enhanced OTVR (PA) dashboard.
- Monitor your vulnerability data in a centralized location with the new OT Vulnerabilities tab that is available in the Industrial
Workspace.
- Track the volume, performance, and progress of OT vulnerable items (VIs) from the initial analysis and detection to the containment, or remediation, with the new Operational Technology Vulnerability Response (PA) dashboard in the Industrial
Workspace.
See Operational Technology Vulnerability Response for more information.
|
Xanadu |
- Assess the vulnerabilities for the firmware of the OT assets with Hardware Vulnerability Assessment.
- View solutions or details of a vulnerable item (VIT) with enhanced UI
options.
- Manage your vulnerable items and Operational Technology Vulnerability Response data with the enhanced OTVR (PA) dashboard in the Industrial Workspace.
- View the risk score of your OT devices at each level of the equipment model with the OT Vulnerability Risk Rollup dashboard.
- Change the Operational Technology Vulnerability Response (OT VR) assignment group field for multiple site records at once.
- Use the Common Security Advisory Framework (CSAF) with multiple vendor support when importing solutions from Aggregators or Trusted Providers.
- Manage remediation tasks more efficiently with the OT Vulnerability Remediation Owner (sn_otvr.remediation_owner) role.
- Mitigate controls using the Libraries module in the Industrial Workspace.
- Use the enhanced OTVR (PA) dashboard.
See Operational Technology Vulnerability Response for more information.
|
Yokohama |
- Configure Operational Technology Vulnerability Response from the Security Exposure Management Workspace (SEM Workspace).
- Access the Operational Technology Vulnerability Response Risk Calculator plugin directly without loading the demo data.
- View all vulnerable items that have been created from the OT Vulnerable Items list in the Industrial Workspace.
- View all remediation tasks that have been created from the OT Remediation Tasks list in the Industrial Workspace.
- View all vulnerability exceptions that have been created from the OT Vulnerability Exception Approvals list in the Industrial Workspace.
- Hardware Vulnerability Assessment is available for firmware discovery models without normalized data.
- Assess the vulnerabilities for the firmware of the OT assets with Hardware Vulnerability Assessment.
- View solutions or details of a vulnerable item (VIT) with enhanced UI options.
- Manage your vulnerable items and Operational Technology Vulnerability Response data with the enhanced OTVR (PA) dashboard in the Industrial Workspace.
- View the risk score of your OT devices at each level of the equipment model with the OT Vulnerability Risk Rollup dashboard.
See Operational Technology Vulnerability Response for more information.
|
Zurich |
- Configure Operational Technology Vulnerability Response from the Security Exposure Management Workspace (SEM Workspace).
- Access the Operational Technology Vulnerability Response Risk Calculator plugin directly without loading the demo data.
- View all vulnerable items that have been created from the OT Vulnerable Items list in the Industrial Workspace.
- View all remediation tasks that have been created from the OT Remediation Tasks list in the Industrial Workspace.
- View all vulnerability exceptions that have been created from the OT Vulnerability Exception Approvals list in the Industrial Workspace.
- Hardware Vulnerability Assessment is available for firmware discovery models without normalized data.
See |