ServiceNow brings security automation to the cloud with AWS

  • ServiceNow Blog
  • 2019
  • Solutions
  • Cybersecurity and Risk
June 25, 2019

Cloud infrastructure presents new risks, new systems, and less control for security teams that are already overwhelmed by security alerts, manual processes and siloed security tools that complicate decision-making and the hand-off of remediation to IT counterparts.  

To help solve this challenge, ServiceNow, the digital workflow company that creates great experiences and unlocks productivity, has extended its security operations portfolio with the release today of two integrations with AWS Security Hub. ServiceNow is aligned with AWS’s strategy of providing security at-scale, and our vendor-agnostic approach and ability to take action on a range of security data sources is a unique value for our joint customers. With these integrations, joint customers can aggregate cloud data within Security Hub, then automatically kick-off the approved response or workflow in ServiceNow Security Operations or IT Service Management (ITSM), directly from Security Hub.  

Streamlining cloud workloads through tight security and IT integration 
Security Hub provides customers with a single place that aggregates, organizes and prioritizes security alerts from multiple AWS services.  With this new partnership, AWS customers can use the ServiceNow platform to coordinate security incident and vulnerability response across hybrid cloud deployments and workflows, leveraging the openness, scale, and automation of Security Operations and ITSM with Security Hub. 

For example, when an alert meets defined criteria in Security Hub, a security incident or ticket is automatically created in Security Operations or ITSM. In Security Operations, threat intelligence on observables can enrich the security incidents, providing precious contextual data to support triage and remediation. Predefined playbooks can be assigned based on the incident category (e.g. malware, Brute Force, DOS attack, etc.) to guide response actions. Analysts can also manually forward events from the AWS Security Hub console to drive response. In addition to pre-defined playbooks, customers can use Flow Designer to create the custom workflows required for their organizations’ postures, policies and processes.  

The Power of the Now Platform when transitioning to AWS 
To effectively manage and improve systems, customers need to know exactly what assets are in their IT environment and have current, accurate configuration data. The ServiceNow CMDB provides a single system of record for IT. When paired with ServiceNow Service Mapping, the CMDB becomes serviceaware—which enables applications to be serviceaware as well.  

Using built-in workflows, ServiceNow routes incidents to the correct personnel or response tools to contain, mitigate or remediate threats. Post-incident reporting, customizable dashboards and metrics help teams improve processes going forward and provide a dynamic and continuous view of the overall security profile. Importantly, customers can leverage ServiceNow’s integration with AWS Security Hub to help with their transition to AWS, as ServiceNow provides a single platform solution to manage both on-premises and cloud-native workflows. 

ServiceNow takes a customer centric approach to developing products and services. As companies increasingly shift to the cloud and digital business requires more complex IT infrastructures, ServiceNow is here to help, regardless of where workloads reside. 

For more information, visit ServiceNow’s Security Operations and ITSM Community blog posts. 

Topics

  • Scaled Agile Framework (SAFe): business man looking at phone while standing on bridge overlooking a city
    IT Management
    How the Scaled Agile Framework (SAFe) truly supports business
    The Scaled Agile Framework (SAFe) delivery model can help IT leaders manage the transition from a stability-focused to a continuously evolving infrastructure.
  • The role of the manager: a manager and employee in conversation on a couch
    Employee Experience
    4 ways Manager Hub simplifies the role of the manager
    As the connective tissue between an organization and its employees, the role of the manager is more complex, and more important, than ever before. Learn more.
  • How delivery giant Yamato uses data science: uniformed Yamato delivery worker
    Customer Stories
    Delivery giant Yamato uses data science to drive growth
    Maintaining operational excellence while dealing with a surge in orders is a key pillar of Yamato’s digitization strategy—one that relies on data science.

Trends & Research

  • Total experience companies outperform: prism refraction with an arrow pointing to the right
    Employee Experience
    Survey says: Total experience-focused companies outperform
  • Customer service: smiling businessman on phone walking outdoors
    Customer Experience
    Survey: 3 tips to deliver world-class customer service
  • Enterprise SRE (site reliability engineering): where service reliability and business agility meet
    Application Development
    Service quality and the rising need for enterprise SRE

Year