Page tree

Skip to end of metadata
Go to start of metadata

This topic provides an overview of the BMC Helix Vulnerability Management offering. For BMC Helix Vulnerability Management product-specific information, click here

The following items are documented for this service:


BMC Helix Vulnerability Management services are available with the purchase of any of the following line items from your ordering document:


Unit of Measurement

Service location

BMC Helix Vulnerability Management for Servers on BMC Cloudper asset - average server endpoint - SaaS

European Union

With the "per asset - average server endpoint - SaaS" unit of measurement, a subscription is required for the highest monthly average of server endpoints monitored, managed or discovered by the service. “Server endpoints” include any virtual or physical computer that provides a service for other computers or users connected to it via the Internet, extranet, intranet, or other networked technologies. Each virtual machine, regardless of the environment it is hosted in, is considered a server endpoint.

Additional license terms

The following additional terms apply to the BMC Helix Vulnerability Management service:

  • Licensing terms and conditions are as defined in the governing master agreement and take precedence over any published description from this site.
  • Entitlements are subject to change.
  • There is a 500,000 asset violation limit for every 1,000 endpoints.
  • There is a database storage limit of 5 GB for every 1,000 endpoints. Additional storage space may be purchased if needed.
  • License usage is calculated in aggregate over the term of the order and is not limited to the capacity purchased per month. For example, if you purchase a quantity of 500 assets on a two year term, you may use up to 12,000 assets (500 * 24 months) over the term of the order, regardless of the individual distribution by month.
  • TrueSight Server Automation is a pre-requisite purchase.

Standard environments

Your purchase of BMC Helix Vulnerability Management provides the following environment:

  • Production

Pre-requisite service

Purchasing the BMC Helix Vulnerability Management service also requires its corresponding on premises component as follows:

  • TrueSight Server Automation (TSSA)

This product may be purchased under a separate licensing agreement and must be installed prior to activation of the BMC Helix Vulnerabilty Management service. Once TSSA is installed on your premises, you must provide BMC with the IP (or virtual IP) address  of the TSSA Application Server and its Web Services REST API port number. This information will be used by BMC to generate a key that will enable you to connect your BMC Helix Vulnerability Management service to your on premises TSSA implementation.

Download instructions for TSSA are provided with the welcome email you received after the sales order is processed by BMC. If you did not receive this email, please contact BMC Support.

The BMC Helix Vulnerability Management service is compatible with TSSA version 8.9.04 Patch 1 and higher. Installation and configuration of TSSA is the customer's sole responsibility.

Add-on services

BMC Helix Additional Storage 

Related topics

BMC Helix Vulnerability Management activation

Configuring the TrueSight Server Automation connector

Roles and responsibilities

Support information