2021 enhancements

Review the Automation Console 2021 enhancements for features that will benefit your organization and to understand the changes that might impact your users.


Related topics

Known-and-corrected-issues

Release-notes-and-notices

September 21, 2021

Integration with Tenable.sc

BMC Helix Automation Console integrates with Tenable.sc directly (without importing the XML files) to retrieve vulnerability scan results. You can analyze these vulnerabilities and create remediation operations to resolve them. To enable this integration, you must configure the Tenable.sc connector. For details, see Configuring-the-Tenable-sc-connector.

tenable_connector.png

Ability to share scan files with security groups

You can now share the imported scan files with other security groups. Users that belong to these security groups can then remediate the vulnerabilities that are reported in the scan files. For details, see Working-with-scans.

Mapping multiple patches to remediate vulnerabilities

If a patch catalog imported in BMC Helix Automation Console includes multiple patches that are required to remediate a vulnerability, all these patches are auto-mapped with the vulnerability. To remediate the vulnerability, you can deploy all the patches to the targets in a single remediation operation. Also, you can select multiple patches from the same catalog while manually mapping the remediation content with the vulnerability. For details, see Working-with-risks.

This feature is currently supported only for the TrueSight Server Automation.

Optional schedule for catalogs

While creating a patch catalog, it is now optional to define a schedule to update the catalog. You can add, update, and disable the schedule as required. When you skip the schedule definition, the schedule defined in TrueSight Server Automation is used. For more information, see Working-with-catalogs.

skip_schedule.png

Ubuntu platform support

This release includes the Ubuntu platform support for patch catalogs. For details, see Working-with-catalogs.


May 27, 2021

Ability to keep patch catalogs current

You can now update a patch catalog any time, irrespective of a previously configured schedule. When you update the catalog in Automation Console, it is automatically updated in TrueSight Server Automation with the latest patches released by the vendor and is synced with the catalog in Automation Console.

If a catalog is already updated in TrueSight Server Automation, you can perform the sync action in Automation Console to sync with the latest updated catalog.

Update and sync.png

For details, see Working-with-catalogs

Support for Batch jobs

You can now create operation templates and operations for Batch jobs.

For details, see Working-with-operation-templates and Working-with-operations.

Ad hoc operations

You can now create ad hoc operations without using operation templates to run the existing NSH Script, Deploy, and Batch jobs in Server Automation. 

Adhoc Jobs.png

For more information, see Working-with-operations.

Enhanced patch policy configuration

While creating a patch policy for a Linux system such as SUSE, OEL, CentOS, and RHEL, you can now configure the following modes to scan assets based on the selected patch catalog:

  • Install Mode to identify and install missing RPMs and their dependencies.
  • (For SUSE Linux only) Dist-Upgrade Mode to identify the distribution or service pack upgrade for the scanned assets. 

For more information, see Working-with-patch-policies.

GUI enhancements

This release includes the following GUI enhancements:

  • On the Risks page, the remediation content now displays the version and architecture of an operating system in addition to its type and vendor. These additional details are used to increase the percentage of auto-mapped assets.

    remediation_details.png

    For details, see Working-with-risks.
  • On the Managed Assets page, you can now add tags to the assets to classify and enrich data, and use these tags to filter assets.

    Tags for managed assets.png

    For details, see Working-with-assets.  


March 20, 2021

Support for managing risks for SUSE, CentOS, and Oracle Linux ULN

You can now import SUSE, CentOS, and Oracle Linux ULN catalogs from Automation Console and create patch policies to identify missing patches on the SUSE, CentOS, and Oracle Linux assets. If your scan file consists of vulnerabilities on the SUSE and Oracle Linux assets, the vulnerabilities are also automatically mapped to the endpoints in the endpoint manager and appropriate remediation content. For CentOS, one needs to manually map vulnerabilities to the endpoints in the endpoint manager.

You can also create a patch or a vulnerability operation for applying missing patches or remediating vulnerabilities on the SUSE, CentOS, and Oracle Linux assets. 

For managing risks for Oracle Linux ULN, your TrueSight Server Automation version must be 21.02.

For details about managing missing patches or vulnerabilities, see Using

Compliance management for assets

Compliance is the process of determining whether the assets in your environment meet a specific standard. That standard might be a regulatory standard, such as DISA or SOX, or an internal standard defined by your organization. Using Automation Console, you can manage compliance for assets. 

You can create a compliance scan policy in Automation Console, which scans the specified assets, and displays the compliance posture (a percentage of compliant, non-compliant, and indeterminate assets) of the assets on the Risks > Compliance page. After identifying compliance violations on the scanned assets, you can create remediation operations to resolve the violated rules and make the assets compliant with the standards.

A new Compliance Dashboard shows the compliance posture, non-compliant assets by risk score, SLA, and stages, and other metrics about the compliance evaluations on the assets. 

Compliance Dashboard.png

For details, see Working-with-compliance-scan-policies

Creation of operation templates and operations for NSH Script and Deploy jobs

You can now create operation templates using which operators can create operations that run jobs in TrueSight Server Automation. Currently, NSH script and BLPackage Deploy (Basic) jobs are supported. An operation template can be shared with multiple security groups with a controlled choice of options to create operations of the same type repeatedly, and hence bringing more efficiency in running operations. 

Operation Templates.png

For details, see Working-with-operation-templates

Creation and approval of change requests using ServiceNow

You can now integrate Automation Console with ServiceNow IT Service Management system to create change requests and implement an approval process for remediation operations. 

If an administrator enables change creation for your organization, you can create a change request while creating an operation. After the request is approved in ServiceNow, the operation runs according to a schedule. After the operation is complete, the change request is closed. The status of the change request is displayed on the Operations page. 

CR for SNOW.png

Administrators enable change automation using the TrueSight Orchestration – ITSM Automation runbook.

For details, see Change-automation

Enhancements to exceptions

Vulnerability exceptions provides the following updates:

  • Permanent exceptions: You can create exceptions to permanently exclude vulnerabilities on assets from being remediated. When you create a permanent exception, the end date is automatically set to 100 years from the start date.
  • Extend exception end date: You can update the end date of an exception, which allows you to either extend or shorten the time period for excluding vulnerabilities from being remediated.
  • New Create Date and Updated Date columns on the Manage exceptions page: On the Manage Exceptions page, you can now view the exception created and updated dates in separate columns. This is particularly useful if you want to see when was an exception created as the start and end dates do not provide this information.

For details, see Working-with-exceptions.

View additional details for missing patches and vulnerabilities

On the Risks > Missing Patches page, when you expand a missing patch name, you can view details such as the impacted asset name, operating system, risk owner, risk score, and SLA. 

On the Risks > Vulnerabilities page, when you expand a vulnerability name, you can now view details such as the impacted asset name, operating system, risk owner, risk score, SLA, and the remediation content. This list shows the actionable assets, which are mapped to the remediation content and to endpoints in the endpoint manager.

VAT expansion.png

For details, see Working-with-risks.

GUI enhancements

This release provides several changes to the existing features that improve your experience with the product:

  • While adding and editing a patch policy and on the Administration > Manage Catalogs page, you can now view Operating System and Operating System Vendor columns, which provide additional information about the imported catalogs.
    For details, see Working-with-catalogs.
  • The Remediation Trend widget is renamed to Patch Trend on the Patch Dashboard and Vulnerability Trend on the Vulnerability Dashboard. 
    For details, see Using-dashboards.
  • On the Assets > Managed Assets page, the Compliance Violations column now shows the number of compliance policy violations on a given asset.
    For details, see Working-with-assets

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*