on - edited on by
Sarah Wood
|
Welcome to ServiceNow® Security Operations (SecOps) Are you ready to start your SecOps implementation journey? This guide gives you valuable information you can share with your team, including proven guidance and links to key resources—all designed to set you on the path to success. While this guide is primarily designed for ServiceNow platform owners, it also contains useful information if you have a different role in your organization.
Let’s get started! |
 |
|||
|
Guide Overview Here’s an overview of the topics we will cover in the guide:
|
|
|||
|
Start by familiarizing yourself with SecOps SecOps comes with key capabilities that let you radically improve your security posture. You can get a high-level overview of these capabilities on the SecOps product page. But don’t worry! You don’t have to implement everything at once. Here are the key SecOps capabilities to focus on first:
These Vulnerability Response and Security Incident Response end-to-end demo videos are a great starting point for getting familiar with SecOps capabilities (view more SecOps demos). This Security Operations (SecOps) Fundamentals on-demand course will also help you to understand some of the key SecOps applications and how they work.
If you are new to ServiceNow, we also strongly recommend that you take this short Welcome to ServiceNow course to learn the platform basics. If you want a deeper dive into using the Now Platform, a longer ServiceNow Administration Fundamentals (Instructor-Led | On-Demand) course is also available. |
Security Operations Solutions
Attack surface management:
Enterprise security case management: |
|||
|
Identify your desired business outcomes Before you start to implement SecOps, it’s critical to have a clear vision of what you want to accomplish. SecOps allows you to deliver multiple positive business outcomes, and you can achieve all of these over time. However, by deciding which outcomes are most important for your organization and agreeing on these with your stakeholders, you can set clear expectations and focus your initial implementation to realize these goals.
Here are some examples of business outcomes ServiceNow customers have achieved with SecOps:
For more information, including sample business objectives and key performance indicators, check out this article on SecOps Outcomes and How to Measure Them and this Resource Library page.
|
|
|||
|
Chart a path to implementation Work with ServiceNow experts If you have chosen to work with a ServiceNow partner or ServiceNow Expert Services for your implementation, it’s important to clearly communicate the business outcomes you want to achieve and agree on a well-structured roadmap to attain these goals.
To accelerate time to value and reduce risk, make sure that your partner uses Now Create, ServiceNow’s library of more than 700 leading implementation practices. We also recommend you use Now Create if you are self-implementing, as it provides a wealth of assets designed to guide you to success.
If you want to work with a partner but haven’t selected one yet, check out our Partner Finder or talk to your ServiceNow account representative about ServiceNow Expert Services. We can also work with your chosen partner to infuse our expertise into your implementation through our ServiceNow Co-Delivery service offering.
For those of you who have purchased ServiceNow Impact services, ServiceNow experts and resources are at your fingertips to help you implement SecOps and achieve your goals. If you don’t have a ServiceNow Impact package, consider how having dedicated resources, discounted training, and jumpstart services can help you get the most out of your ServiceNow investment. Read more here.
|
|
|||
|
Self-implementation Build your team’s skills If you do plan to self-implement, you’ll need to build your platform team’s knowledge and skills before you begin. This is a key reason many SecOps customers choose to work with a partner instead of self-implementing. The following certification paths are a good starting point for building these skills, but we do strongly recommend that you also engage resources who have previous SecOps implementation experience.
Check out this community post for additional recommended training.
Make your implementation smooth and easy To get started quickly with a basic SecOps implementation, take a look at these Vulnerability Response and Security Incident Response QuickStart guides and Now Create resources. There is also a Welcome Guide for Major Security Incident Management (MSIM) here. You can register for an upcoming Get Started With Security Operations Applications webinar or view an on-demand webinar.
For a comprehensive implementation process framework that is proven to scale to the largest, most complex global deployments, check out our Success Packs on Now Create. Success Packs tailor our core Now Create methodology, consisting of more than 700 leading practices, to deliver business outcomes aligned with specific product sets. Here are two Success Packs for SecOps:
If you are implementing Vulnerability Response, also note that your CMDB plays a critical role in successful implementation. This video explains this role and what you need to do about it. These webinars on "Success with VR" and "Success with SIR" are also great resources.
Understand ServiceNow releases and upgrades If you’re not already on the latest ServiceNow release, we strongly recommend that you upgrade before you go live. By upgrading, you get new ServiceNow innovations into the hands of your users faster, gain access to the latest performance and security enhancements, and ensure that support is there when you need it. To make your upgrade smooth and successful, check out these release and upgrade resources.
|
Pro Tip Stick to out-of-the-box ServiceNow functionality wherever possible. The process guides in Now Create below provide detailed descriptions of “as designed” ServiceNow functionality for key SecOps capabilities. |
|||
|
Prepare for organizational change To successfully roll out SecOps, you need your business to understand and use SecOps and recognize its benefits. To do this, you need to communicate what’s changing and why and get alignment with your business. A great way to start this process is to hold a kickoff workshop. This community article takes the example of a Vulnerability Response workshop and explains who needs to be involved. More broadly, if you need help creating a winning communications plan, this communications plan template also provides useful advice.
You’ll want to ensure that your security analysts are trained on SecOps by having them take this Security Operations (SecOps) Fundamentals (Instructor-Led | On-Demand) course well as this Welcome to ServiceNow course.
And remember that if you are rolling out Vulnerability Response, your IT team will also be involved in remediating vulnerabilities. If they already use ServiceNow, they will have most of the knowledge they need, since Vulnerability Response integrates seamlessly into their existing ServiceNow IT environment. This documentation page provides specific information on what Vulnerability Response adds.
|
|
|||
|
Bookmark these resources! ServiceNow Impact -- Impact helps you achieve success your way with value and adoption resources, tailored expertise, and 24/7 support. NowSupport -- You can get technical issues resolved quickly by contacting our team comprised of ServiceNow employees with deep product knowledge and real-world experience. Read more here on how to use support. |
|
