Microsoft Security Response Center Solution Integration

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Microsoft Security Response Center Solution Integration

    The Microsoft Security Response Center (MSRC) Solution Integration is part of the Vulnerability Solution Management feature within the Vulnerability Response application, which requires a separate subscription. This integration enables ServiceNow customers to access and implement remediation solutions provided by MSRC for security vulnerabilities affecting Microsoft products and services.

    Show full answer Show less

    MSRC investigates security vulnerabilities and supplies known remediations that are imported into ServiceNow through scheduled jobs. These jobs automatically synchronize your instance with MSRC and other vulnerability management systems to streamline the vulnerability remediation lifecycle. Manual execution of these jobs is also possible.

    Key Features

    • Automated synchronization: Scheduled jobs keep your system updated with the latest MSRC solutions and National Vulnerability Database (NVD) mappings.
    • Integration with Vulnerability Response: Solutions are associated with vulnerabilities, vulnerable items, and remediation tasks for efficient risk management.
    • Role-based access control: Specific roles such as snvul.vulnerabilityadmin, snvul.vulnerabilitywrite, snvul.vulnerability.read, and snvul.remediationowner manage user permissions for reading, writing, and managing remediation notes.
    • Preconfigured run-as user: The integration uses a default run-as user (VR.System) which should not be modified.
    • Version compatibility: Ensure you have the current Vulnerability Response and Vulnerability Solution Management versions installed for compatibility with MSRC integrations.
    • Access points: The integration is available in ServiceNow under All > Vulnerability Response > Administration > Integrations.

    Practical Application for Customers

    ServiceNow customers using Vulnerability Response can leverage the MSRC Solution Integration to:

    • Automatically receive and apply remediation solutions for Microsoft product vulnerabilities discovered since 2016.
    • Maintain up-to-date vulnerability data and remediation guidance synchronized with Microsoft’s security research.
    • Assign and manage remediation tasks efficiently based on imported solutions linked with vulnerability records.
    • Control user access and actions within the Vulnerability Response application using predefined roles and personas.

    Additional Information

    For installation, configuration, and role assignment, customers should refer to the Setup Assistant and related documentation on managing Vulnerability Solution Management and its integrations. Note that MSRC solutions do not include vulnerabilities prior to 2016, and customers should verify their versions against the Vulnerability Response Compatibility Matrix.

    Review and implement proposed remediation solutions provided by the Microsoft Security Response Center Solution Integration.

    Microsoft Security Response Center Solution Integration is included in the Vulnerability Solution Management feature of Vulnerability Response, available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.

    Microsoft Security Response Center investigates reports of security vulnerabilities affecting Microsoft products and services, and provides solution information to help manage security risks. Solutions are known remediations imported into your Microsoft Security Response Center Solution Integration from the Microsoft Security Response Center product.

    The Microsoft Security Response Center Solution Integration contains entry points to Microsoft Security Response Center product, invoked as scheduled jobs. Scheduled jobs simplify the vulnerability remediation lifecycle by keeping the instance synchronized with other vulnerability management systems. Scheduled jobs run automatically and in the order specified. You can also execute individual scheduled jobs manually.

    There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.

    Available versions

    For the most current version of Vulnerability Solution Management and Microsoft Security Response Center solutions, verify you have the most current version of Vulnerability Response installed.

    For more information about installing and configuring Vulnerability Solution Management and solution integrations, see Install the Solution Management for Vulnerability Response application and Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant.

    Release version of Vulnerability Response Version of Vulnerability Solution Management Release Notes

    Vulnerability Response v15.0

    		 v10.3

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Roles

    Microsoft Security Response Center Solution Integration tasks involve the following roles.
    • sn_vul.vulnerability_admin or sn_vul.admin (deprecated): Can read, write, and delete records.
    • sn_vul.vulnerability_write: Can read and write records.
    • sn_vul.vulnerability.read: Can read records.
    • sn_vul.remediation_owner: Can read and write internal notes on records assigned to the remediation specialist group or individual. (Contained in the itil role.)

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    Microsoft Security Response Center Solution Integration

    To view the Microsoft Security Response Center Solution Integration, navigate to All > Vulnerability Response > Administration > Integrations.

    The following integration is included in the base system.

    Table 1. Microsoft Security Response Center Solution Integration
    Integration Description
    Microsoft Security Response Center Solution Integration
    Retrieves solutions and National Vulnerability Database (NVD) mapping to associate solutions with vulnerabilities, vulnerable items, and remediation tasks.
    Note:
    The Microsoft Security Response Center Solution Integration does not provide solutions prior to 2016.

    Solutions

    To view imported solutions in a list, see View a solution.