Monitoring the risks of vulnerabilities impacting services
The BMC HelixGPT Vulnerability Resolver introduced by BMC extends the capabilities of BMC Helix AIOps to address the need for a robust vulnerability management solution. BMC Helix AIOps integrates with BMC Helix Automation Console to display the vulnerabilities impacting the services. You can enable BMC HelixGPT to display an AI-generated vulnerability summary in a human-readable format that is easy to understand, monitor, and assess. By using generative AI capabilities, BMC HelixGPT provides step-by-step best action recommendations for remediating a vulnerability. It also automatically creates a standard remediation script for your preferred remediation target, such as Ansible, to run the best action recommendations.
Scenario
The IT team at Apex Global uses BMC Helix AIOps to monitor open vulnerabilities. When a child service, associated with a host name, is impacted by a vulnerability, typically an operator or a site reliability engineer (SRE) spends hours investigating the vulnerability, creating remediation content for it, and getting the remediation content approved by the SecOps or DevOps team. This process is manual, time-consuming, and has a high probability for errors.
The IT team uses the advanced Vulnerabilities feature provided by BMC Helix AIOps to monitor and investigate vulnerabilities impacting the services. They leverage BMC HelixGPT to generate remediation content for it.
In the following example, a child service in BMC Helix AIOps is impacted by a critical vulnerability. The IT team uses the Vulnerability Resolver to investigate the vulnerability details and assess the risk. They use BMC HelixGPT to automatically generate remediation content for it.
An operator or SRE can create a change request in by using the cross-launch link (appropriate permissions needed).
Workflow
The following diagram illustrates the high-level workflow of monitoring and investigating vulnerabilities:
Task | Product | Role | Action | Reference |
|---|---|---|---|---|
1. | BMC Helix Automation Console | Tenant Administrator | Configure BMC Helix Automation Console in your system. | |
2. | BMC Helix Automation Console | Tenant Administrator | Configure the BMC Discovery connector in BMC Helix Automation Console. | |
3. | BMC Helix AIOps | Tenant Administrator | Enable the Vulnerabilities feature from the Configurations menu. | |
4. | BMC Helix AIOps | Operator or SRE | Monitor the following vulnerability data:
| |
5. | BMC Helix AIOps | Operator or SRE | View the BMC HelixGPT generated vulnerability summary and other details | |
6. | BMC Helix AIOps | Operator or SRE | Generate remediation content:
| |
7. | BMC Helix AIOps | Operator or SRE | Create a change request in |
Results
By implementing the Vulnerability Resolver, the IT infrastructure team at Apex Global achieved the following results:
- Ability to observe the open vulnerabilities affecting the services
- Ability to assess the risks associated with these vulnerabilities and quickly prioritize remediation.
- Automated generation of remediation content for vulnerabilities, which saved the need to manually investigate the vulnerability, create remediation content and have it reviewed by the DevOps personnel.