SANTA CLARA, Calif. – Feb. 24, 2016 – ServiceNow (NYSE: NOW), the enterprise cloud company,
today announced it’s extending its industry‑leading automation and
orchestration expertise to transform the way organizations respond to
threats. ServiceNow’s first offering, Security
Operations, gives both security and IT teams a single platform to
respond to security incidents and vulnerabilities.
ServiceNow will demo the new solution at the RSA
Conference in San Francisco next week.
“ServiceNow is bridging the gap between IT operations and security
by replacing manual, informal processes with a proven orchestration
platform,” said Sean Convery, general manager of Security, ServiceNow.
“Transforming security response is the next frontier for firms to
fortify their security posture and increases the value of the
detection and protection products they have already deployed.”
It takes enterprises an average of 206 days to spot a breach and an
average of 69 days to contain it, according to the Ponemon Institute.
study from the Enterprise Strategy Group (ESG) issued today –
based on input from more than 180 security executives – offers
insights to the obstacles facing rapid and consistent security
response. Highlights include:
- The #1 incident response challenge cited was coordinating
between security and IT teams.
- 9 out of 10 respondents said
that their incident response effectiveness and efficiency is limited
by the burden of manual processes.
- Nearly 75% of
cybersecurity professionals said that incident response tends to be
based upon informal processes at their organizations.
third of organizations spend at least half of all incident response
time on manual processes leading to inefficiencies and delays.
“Although organizations have invested heavily in identifying
security vulnerabilities, they’ve neglected a critical step in
remediation ‑‑ formalizing their teams’ incident response workflows.
This is especially the case when it comes to collaboration between
cybersecurity and IT operations groups,” said Jon Oltsik, author of
the report, ESG senior principal analyst and the founder of the firm’s
cybersecurity service. “The ESG research clearly demonstrates how
time‑consuming, inefficient and ultimately damaging these process
problems and bottlenecks can be.”
ServiceNow Security Operations includes two cloud‑based
applications: Security Incident Response and Vulnerability Response.
By extending ServiceNow’s industry‑leading workflow and automation
software to incident and vulnerability response, organizations can
remove inefficient, manual processes – such as using emails, phone
calls or spreadsheets. ServiceNow enables customers to define,
structure and automate security response to compress the time to
identify and contain threats and vulnerabilities. This can ultimately
reduce an organization’s overall risk while improving analysts’
Specifically, ServiceNow Security Operations addresses the security
shortfall in these ways:
Provide a single platform for managing security incidents and
vulnerabilities. The software extends the workflow, automation,
orchestration and systems management capabilities of the core ServiceNow
platform to security teams. The platform enables the team to
manage the process of responding to and remediating incidents, and
removes manual processes that slow security incident resolution
Prioritize security risks with business criticality.
Customers can attach incidents and vulnerabilities to records within
configuration management database (CMDB). This pairs security
data with insight into the virtual or physical asset at risk and the
business service that asset supports. By doing this an IT team can
see, for instance, that the server being attacked contains sensitive
human resources data and should be prioritized accordingly.
Automate mundane, manual functions to free up IT and security
teams to address critical issues. By leveraging ServiceWatch,
IT operations management software from ServiceNow, teams can trigger
automatic patching, configuration changes to security
infrastructure, or other standard workflows to contain and fix
security incidents and vulnerabilities. Automatic post‑incident
reports are created, crucial for auditing purposes. This eliminates
the tedious manual process most organizations use today.
Gain greater visibility into current security issues by category,
class and priority, and status of tasks. Organizations get
role‑based dashboards, providing real‑time trending data necessary
to understand whether an organization is effective in securing their
enterprise. It also includes an executive dashboard showing team
productivity, existing gaps and overall security posture.
“By adding Security Operations from ServiceNow, organizations can
formalize these response process to close the gap between security and
IT,” said Dan Hushon, chief technology officer, CSC. “CSC is combining
our ServiceNow consulting capabilities, inclusive of our Fruition
Partners subsidiary, with our market‑leading cyber services to bring
clients a new integrated operating model.”
To increase the value of security products customers have already
deployed, ServiceNow Security Operations integrates with leading
third‑party software applications, including security incident and
event managers, and vulnerability identification solutions. The
software also integrates with the National Vulnerability Database,
which is the U.S. government repository of standards‑based
vulnerability management data. ServiceNow's application program
interfaces (APIs) and the ServiceNow Store make it easy for security
companies to integrate to Security Operations and join the ServiceNow
Technology Partner Program.
Availability and Pricing
ServiceNow Security Operations is available now and priced on a per
For More Information:
ServiceNow is changing the way people work. With a
service‑orientation toward the activities, tasks and processes that
make up day‑to‑day work life, we help the modern enterprise operate
faster and be more scalable than ever before. Customers use our
service model to define, structure and automate the flow of work,
removing dependencies on email and spreadsheets to transform the
delivery and management of services for the enterprise. ServiceNow
enables service management for every department in the enterprise
including IT, human resources, facilities, field service and more. We
deliver a ‘lights‑out, light‑speed’ experience through our enterprise
cloud – built to manage everything as a service. To find out how,
ServiceNow and the ServiceNow logo are registered trademarks of
ServiceNow, Inc. All other brand and product names are trademarks or
registered trademarks of their respective holders.