20.02 enhancements

This topic describes the enhancements in the version 20.02 of BMC Helix Automation Console (SaaS) and TrueSight Automation Console (on-premises). 

Available on the BMC Helix Platform and on-premises

BMC Helix is a portfolio of SaaS offerings delivering service and operations management that is fast, accurate and cost-effective, across multi-cloud, multi-device, and multi-channel environments. BMC Helix services are delivered from your cloud location of choice and receive the benefits of BMC's world-class SaaS Operations team and processes.

Automation Console is available as a service, called BMC Helix Automation Console (SaaS), and as an on-premises product, called TrueSight Automation Console. 

Creation and approval of change requests

When operational changes are implemented, administrators need to document and track these changes in a change management system. When you import a scan file in Automation Console, vulnerabilities and assets get imported. You first map assets to endpoints in TrueSight Server Automation, and then vulnerabilities to remediation content in Automation Console. After this, operators create operations for remediating vulnerabilities. As part of the vulnerability remediation operation, you can now create a change request in the change management system, which tracks the operations, and goes through a change approval process. 

In this release, Automation Console integrates with BMC Remedy IT Service Management (ITSM) to create change requests and implement an approval process. This is available for a vulnerability remediation operation, and not for a patch remediation operation. After a change request is approved, the operation runs according to the schedule. 

Administrators enable change automation using the TrueSight Orchestration – ITSM Automation runbook. For more information, see Change automation

Blind spot detection using BMC Discovery

In this release, Automation Console integrates with BMC Discovery (on-premises only) to find servers in your environment that are not mapped in the endpoint manager, TrueSight Server Automation, and are not scanned for vulnerabilities. Such servers or assets are blind spots and can be a potential security risk as there might be critical undiscovered vulnerabilities on those servers. The Discovered Assets page lists such assets. Key Performance Indicators (KPIs) on the Discovered Assets page show information about the total number of discovered assets, assets that are discovered but not mapped to endpoints in Server Automation, and assets that are not yet scanned. You must ensure that the discovered assets are scanned for missing patches and vulnerabilities.

To enable this integration, you must configure the BMC Discovery connector after installing the product. See Configuring the BMC Discovery connector

Vulnerability Dashboard enhancements

In this release, the Vulnerability Dashboard is enhanced to provide the following additional metrics:

  • Severity breakdown: Shows the severity levels for vulnerabilities in your environment. 
  • SLA breakdown: Shows the SLA levels for vulnerabilities in your environment. 
  • Top 10 Business Services at Risk: Shows the top 10 business services or applications with the maximum number of vulnerabilities and impacted assets.
    You see this information only if Automation Console is integrated with BMC Discovery.
  • New Awaiting Approval stage in the Vulnerabilities by Stage widget: Shows the number of vulnerabilities for which operations are created with change automation configured and the change request is not yet approved. 
  • New Average Days Awaiting Approval stage in the Remediation Trend widget: Shows the average number of days for which vulnerabilities in a remediation operation are in the Awaiting Approval stage. 

For more information, see Using the Vulnerability Dashboard.

Support for additional user authentication methods

In 20.02, you can now log in to Automation Console using RSA Secure ID and Lightweight Directory Access Protocol (LDAP) authentication methods. These methods are supported by the endpoint manager, TrueSight Server Automation. 

For more information, see Logging in

Support for executing a patch policy instantly

In earlier versions, you could run patch policies only according to the schedule. Now, you can run a patch policy immediately after it is created. For policies that already exist, you can run them in real time irrespective of any schedule. 

For more information, see Working with patch policies.

Vulnerability management enhancements

This release consists of the following enhancements to manage vulnerabilities:

Support for additional remediation content to remediate vulnerabilities

With this release, you can now map vulnerabilities to these types of remediation content:

  • Patches
  • Installshield packages
  • Microsoft Installer (MSI) packages
  • Operating system service packs
  • Red Hat packages
  • Custom software

Except for patches, the new types of remediation content are available only when you are manually mapping a vulnerability. 

Existing remediation content, BLPackages and NSH scripts, are now enhanced. While creating a vulnerability remediation operation, you can configure properties for BLPackages and select additional parameters for NSH scripts. For more information, see Risks

Removing mapping for auto-mapped assets

With this release, you can now remove mapping for assets that were automatically mapped to endpoints in TrueSight Server Automation. For more information, see Working with assets

Vulnerability noise reduction

An open vulnerability is now closed automatically if the remediation content is similar for multiple vulnerabilities during the operation. 

For more information, see Operations.

Export missing patches and vulnerabilities data to CSV

On the Risks page, you can now export the data for missing patches and vulnerabilities to a CSV file.

For more information, see Working with risks.

Extended staging window for patch operations

While creating a patch operation, the maximum limit of the staging window is now extended from 24 hours to 999 hours.

For more information, see Working with operations.

Recursive delete for vulnerability draft operation

On the Operations page, when you delete a vulnerability draft operation, its sub-operations are also deleted.

For more information, see Working with operations.

Support for additional search filters

On the Assets > Managed Assets page, you can now use the Advanced Search option to search for assets using the new Unique Missing Patch filter. On the Assets > Scanned assets page, you can search using the Vulnerability Name filter. For more information, see Working with assets

Ability to sort data in columns

You can now sort data in columns on the Operations, Manage, and Administration tabs. For Assets and Risks, advanced filters enable you to filter data that matches your requirement.

Related topic

Known and corrected issues

Was this page helpful? Yes No Submitting... Thank you