Learn what’s new or changed for BMC Helix Automation Console, including new features, urgent issues, documentation updates, and fixes or patches.
March 20, 2021
Support for managing risks for SUSE, CentOS, and Oracle Linux ULN
You can now import SUSE, CentOS, and Oracle Linux ULN catalogs from Automation Console and create patch policies to identify missing patches on the SUSE, CentOS, and Oracle Linux assets. If your scan file consists of vulnerabilities on the SUSE, CentOS, and Oracle Linux assets, the vulnerabilities are also automatically mapped to endpoints in the endpoint manager and appropriate remediation content.
You can also create a patch or a vulnerability operation for applying missing patches or remediating vulnerabilities on the SUSE, CentOS and Oracle Linux assets.
For managing risks for SUSE and CentOS, your TrueSight Server Automation version must be 21.02.
For details about managing missing patches or vulnerabilities, see Using.
Compliance management for assets
Compliance is the process of determining whether the assets in your environment meet a specific standard. That standard might be a regulatory standard, such as DISA or SOX, or an internal standard defined by your organization. Using Automation Console, you can manage compliance for assets.
You can create a compliance scan policy in Automation Console, which scans the specified assets, and displays the compliance posture (a percentage of compliant, non-compliant, and indeterminate assets) of the assets on the Risks > Compliance page. After identifying compliance violations on the scanned assets, you can create remediation operations to resolve the violated rules and make the assets compliant with the standards.
A new Compliance Dashboard shows the compliance posture, non-compliant assets by risk score, SLA, and stages, and other metrics about the compliance evaluations on the assets.
For managing compliance, your TrueSight Server Automation version must be 21.02.
For details, see Compliance policy scans.
Creation of operation templates and operations for NSH Script and Deploy jobs
You can now create operation templates using which operators can create operations that run jobs in TrueSight Server Automation. Currently, NSH script and BLPackage Deploy (Basic) jobs are supported. An operation template can be shared with multiple security groups with a controlled choice of options to create operations of the same type repeatedly, and hence bringing more efficiency in running operations.
For working with operation templates, you must use TrueSight Server Automation version 21.02.
For details, see Working with operation templates.
February 5, 2021
Creation and approval of change requests using ServiceNow
You can now integrate Automation Console with ServiceNow IT Service Management system to create change requests and implement an approval process for remediation operations.
If an administrator enables change creation for your organization, you can create a change request while creating an operation. After the request is approved in ServiceNow, the operation runs according to a schedule. After the operation is complete, the change request is closed. The status of the change request is displayed on the Operations page.
Administrators enable change automation using the TrueSight Orchestration – ITSM Automation runbook.
For details, see Change automation.
January 15, 2021
Enhancements to exceptions
Vulnerability exceptions provides the following updates:
- Permanent exceptions: You can create exceptions to permanently exclude vulnerabilities on assets from being remediated. When you create a permanent exception, the end date is automatically set to 100 years from the start date.
- Extend exception end date: You can update the end date of an exception, which allows you to either extend or shorten the time period for excluding vulnerabilities from being remediated.
- New Create Date and Updated Date columns on the Manage exceptions page: On the Manage Exceptions page, you can now view the exception created and updated dates in separate columns. This is particularly useful if you want to see when was an exception created as the start and end dates do not provide this information.
For details, see Working with exceptions.
View additional details for missing patches and vulnerabilities
On the Risks > Missing Patches page, when you expand a missing patch name, you can view details such as the impacted asset name, operating system, risk owner, risk score, and SLA.
On the Risks > Vulnerabilities page, when you expand a vulnerability name, you can now view details such as the impacted asset name, operating system, risk owner, risk score, SLA, and the remediation content. This list shows the actionable assets, which are mapped to the remediation content and to endpoints in the endpoint manager.
For details, see Working with risks.
This release provides several changes to the existing features that improve your experience with the product:
- While adding and editing a patch policy and on the Manage > Manage Catalogs page, you can now view Operating System and Operating System Vendor columns, which provide additional information about the imported catalogs.
For details, see Working with catalogs.
- The Remediation Trend widget is renamed to Patch Trend on the Patch Dashboard and Vulnerability Trend on the Vulnerability Dashboard.
For details, see Using dashboards.
- On the Assets > Managed Assets page, the Compliance Violations column now shows the number of compliance policy violations on a given asset.
For details, see Working with assets.