19.11 features

This topic provides information about the features available in this release of BMC Helix Automation Console. 

BMC Helix Automation Console is a product in the BMC Helix Vulnerability Management service. 

For most organizations, patch and vulnerability management is an essential risk mitigation technique that takes care of security threats. BMC Helix Automation Console offers a simplified, automated patch and vulnerability management solution that integrates with TrueSight Server Automation to ensure that your environment is protected and secure.

Typically, in organizations, thousands of servers need to be patched periodically and different teams own this patch process. Automation Console ensures that irrespective of multiple teams working in the same environment, the patching process remains uninterrupted and faultless. 

BMC Helix is a portfolio of SaaS offerings delivering service and operations management that is fast, accurate and cost-effective, across multi-cloud, multi-device, and multi-channel environments. BMC Helix services are delivered from your cloud location of choice and receive the benefits of BMC's world-class SaaS Operations team and processes.

For analyzing vulnerabilities identified on assets in your environment, you import the vulnerability scan results. After a successful import, assets are automatically mapped to endpoints in the endpoint manager, and vulnerabilities are mapped to the remediation content. After the mapping is complete, you can perform remediation operations to resolve the vulnerabilities. 

In this release, the Automation Console supports importing files from Qualys, Nessus, and Rapid7 vulnerability management tools. 

For more information, see Scans.

In BMC Helix Automation Console, risks comprise missing patches and vulnerabilities. When a policy scans the assets in your environment successfully, the Risks > Missing Patches page shows a list of unique missing patches and assets on which the patches are missing. Using this data, operators can create operations to install missing patches on impacted assets. 

When you import a scan file, vulnerabilities are imported and appear in the Risks > Vulnerabilities page. Vulnerabilities are further mapped to remediation content, such as patches or NSH scripts. When operators create operations, remediation actions are performed on the impacted assets. 

To understand how risks are identified and displayed, see Risks. 

The Patch Dashboard page is a single pane view of the patch compliance health in your environment. Dashboard widgets show the metrics for missing patches based on severity, patch age, and Service Level Agreements. 

The remediation trend for the last six weeks also appears on the Patch Dashboard. This remediation trend is the result of the remediation operations performed by operators to apply missing patches on assets.

The metrics get refreshed after each policy scan. You can:

• Filter the dashboard data using filters for the operating system, severity, and patch policy.
• Generate a PDF of the current state of the dashboard. 
• Drill-down from each widget to obtain more data.

The Vulnerability Dashboard shows the vulnerabilities imported from the scan. Dashboard widgets show:

• Number of vulnerabilities mapped to remediation content and assets
• Assets with severity and SLA distribution
• Vulnerabilities by remediation stages
• Remediation trend for the last six weeks 
• Top 10 vulnerabilities

The metrics get refreshed every time a new scan file is imported, vulnerabilities are mapped, operations are created, and vulnerabilities are resolved. 

For more information about using the patch and vulnerability dashboards, see Using-Dashboards. 

Based on the policy or scan file results, you can create remediation operations to apply missing patches or resolve vulnerabilities on selected assets.

When you create an operation, a Patch Analysis – Remediation job is created in Server Automation, which performs the remediation actions such as applying missing patches, or running NSH scripts or deploy jobs on the specified asset based on the options configured in the operation. As part of an operation, a patch analysis job is also performed to verify whether the remediation actions are performed successfully. You can also notify stakeholders of the operation results.

For more information, see Operations. 

Automation Console enables you to set Service Level Agreements (SLAs) that define the period (in days) within which the missing patches or vulnerabilities need to be remediated. Based on your organization's policy, you can configure the SLAs to view a list of missing patches or vulnerabilities and perform operations to remediate risks.

For more information, see Service-Level-Agreements.