0
2.3.1
Yokohama, Xanadu, Washington DC, Vancouver
This patch orchestration integration with the Vulnerability Response application uses scheduled Patch imports from the Microsoft System Center Configuration Manager (SCCM) product to help your security and IT teams identify your critical vulnerabilities and then apply the updates that can fix them.
The key features include:
- View your assets with vulnerabilities that are missing patches or were not successfully updated.
- Schedule patches from the Vulnerability Response application to initiate patching in the SCCM console.
- View detailed patch information in one location in your Now Platform that includes the highest supersedence, SLA details, and status of patch deployments. Also confirm if patches have been downloaded.
- Select the preferred patches that match specific vulnerabilities on your vulnerable items.
- States of vulnerable items automatically transition from Open to Awaiting Implementation if a preferred patch exists.
- View patch progress and other vulnerability information at the remediation task level in the Vulnerability Manager Workspace, IT Remediation Workspace and classic UI.
- Monitor and track patch deployments to avoid conflicts with working hours with an optional process for approving patch requests.
- New
- The patch orchestration data model is extended to integrate with ITSM systems seamlessly.
-
The following applications must be installed and activated:
- The Vulnerability Response application version 16.1.1 and its dependency plugins must be installed and activated.
- The Vulnerability Response Patch Orchestration application - v2.0.1
- The Service Graph Connector for Microsoft SCCM - v2.4.2
- The ServiceNow IntegrationHub Action Step - PowerShell
- Permissions and roles:
- System Admin (admin) for installation and role assignment
- Vulnerability Admin (sn_vul.vulnerability_admin) for access to all VR records.
- The SCCM vulnerability integration tasks require the following additional roles.
- sn_vul_sccm.configure_integration: Administrator for the MS SCCM Vulnerability Integration application.
- sn_vul_sccm.read_integration: Permits users to read the MS SCCM Vulnerability Integration records.
- sn_vul_patch_orch.configure_patch: Required for users to configure and apply patches.
- sn_vul_patch_orch.read_patch: Read-only role so users can view patches.