0
1.2.1
Yokohama, Xanadu, Washington DC, Vancouver
This patch orchestration integration with the Vulnerability Response application uses scheduled patch imports (Fixlets) from the HCL BigFix product to help your security and IT teams identify your critical vulnerabilities and then apply the updates that can fix them.
The key features include:
- View your assets with vulnerabilities that are missing patches or were not successfully updated.
- Schedule patches from the Vulnerability Response application to initiate patching in the HCL BigFix console.
- View detailed patch information in one location in your Now Platform that includes the highest supersedence, SLA details, and status of patch deployments.
- Select the preferred patches that match the specific vulnerabilities on your vulnerable items.
- States of vulnerable items automatically transition from "Open" to "Awaiting Implementation" if a preferred patch exists.
- View patch progress and other vulnerability information at the remediation task level in both the Vulnerability Response Workspaces and in the classic UI.
- Monitor and track patch deployments to avoid conflicts with working hours with an optional process for approving patch requests.
Fixed:
- The Patch Orchestration with HCL Bigfix Integration sends the correct source_id during import for a patch deployment instead of the serial_number.
-
The following applications must be installed and activated:
- The Vulnerability Response application and its dependency plugins must be installed and activated.
- The Vulnerability Response Patch Orchestration application.
Permissions and roles:
- System Admin (admin) for installation and role assignment, Vulnerability Admin (sn_vul.vulnerability_admin) for access to all VR records.
-
The BigFix vulnerability integration tasks require the following additional roles:
- sn_vul_bigfix.configure_integration: Administrator for the BigFix Vulnerability Integration application.
- sn_vul_bigfix.read.integration: Read permission for the BigFix Vulnerability Integration records.
- sn_vul_patch_orch.configure_patch: Required for users to configure and apply BigFix patches.
- sn_vul_patch_orch.read_patch: Read-only permission to view patches.