on - edited by
Sarah Wood
|
Welcome to ServiceNow® Security Operations (SecOps) Are you ready to start your SecOps implementation journey? This guide gives you valuable information you can share with your team, including proven guidance and links to key resources—all designed to set you on the path to success. While this guide is primarily designed for ServiceNow platform owners, it also contains useful information if you have a different role in your organization.
Let’s get started! |
 |
|||
|
Guide Overview Here’s an overview of the topics we will cover in the guide:
|
|
|||
|
Start by familiarizing yourself with SecOps SecOps comes with key capabilities that let you radically improve your security posture. You can get a high-level overview of these capabilities on the SecOps product page. But don’t worry! You don’t have to implement everything at once. Here are the key SecOps capabilities to focus on first:
These Vulnerability Response and Security Incident Response end-to-end demo videos are a great starting point for getting familiar with SecOps capabilities (view more SecOps demos). This Security Operations (SecOps) Fundamentals on-demand course will also help you to understand some of the key SecOps applications and how they work.
If you are new to ServiceNow, we also strongly recommend that you take this short Welcome to ServiceNow course to learn the platform basics. If you want a deeper dive into using the Now Platform, a longer ServiceNow Administration Fundamentals (Instructor-Led | On-Demand) course is also available. |
Security Operations Solutions
Attack surface management:
Enterprise security case management: |
|||
|
Identify your desired business outcomes Before you start to implement SecOps, it’s critical to have a clear vision of what you want to accomplish. SecOps allows you to deliver multiple positive business outcomes, and you can achieve all of these over time. However, by deciding which outcomes are most important for your organization and agreeing on these with your stakeholders, you can set clear expectations and focus your initial implementation to realize these goals.
Here are some examples of business outcomes ServiceNow customers have achieved with SecOps:
For more information, including sample business objectives and key performance indicators, check out this article on SecOps Outcomes and How to Measure Them and this Resource Library page.
|
|
|||
|
Chart a path to implementation Work with ServiceNow experts If you have chosen to work with a ServiceNow partner or ServiceNow Expert Services for your implementation, it’s important to clearly communicate the business outcomes you want to achieve and agree on a well-structured roadmap to attain these goals. If you want to work with a partner but haven’t selected one yet, check out our Partner Finder. Our partner ecosystem includes over 2,000 partners who are vetted to implement ServiceNow products/services. Our expertise combined with that of our partners allow us to deliver services that meet your needs and achieve your desired outcomes.
To accelerate time to value and reduce risk, make sure that your partner uses our library of more than 1,000 leading implementation practices. We also recommend you use these best practices if you are self-implementing, as they provide a wealth of assets designed to guide you to success.
If you’ve purchased ServiceNow Impact as part of your platform investment, welcome! You now have access to adoption and health tools, expert guidance, 24x7 technical support, and value tracking dashboards. Connect with your Customer Success Manager today to help you download the Impact Store application, coordinate your next steps, and begin setting up your capabilities map in Impact.
If you don’t have Impact, consider how these resources and benefits would help you navigate your future with ServiceNow. Learn more about Impact here. |
|
|||
|
Self-implementation Build your team’s skills If you do plan to self-implement, you’ll need to build your platform team’s knowledge and skills before you begin. This is a key reason many SecOps customers choose to work with a partner instead of self-implementing. The following certification paths are a good starting point for building these skills, but we do strongly recommend that you also engage resources who have previous SecOps implementation experience.
Check out this community post for additional recommended training.
Make your implementation smooth and easy To get started quickly with a basic SecOps implementation, take a look at these Vulnerability Response and Security Incident Response QuickStart guides and Now Create resources. There is also a Welcome Guide for Major Security Incident Management (MSIM) here. You can register for an upcoming Get Started With Security Operations Applications webinar or view an on-demand webinar.
For a comprehensive implementation process framework that is proven to scale to the largest, most complex global deployments, check out our Success Packs on Now Create. Success Packs tailor our core Now Create methodology, consisting of more than 700 leading practices, to deliver business outcomes aligned with specific product sets. Here are two Success Packs for SecOps:
If you are implementing Vulnerability Response, also note that your CMDB plays a critical role in successful implementation. This video explains this role and what you need to do about it. These webinars on "Success with VR" and "Success with SIR" are also great resources.
Understand ServiceNow releases and upgrades If you’re not already on the latest ServiceNow release, we strongly recommend that you upgrade before you go live. By upgrading, you get new ServiceNow innovations into the hands of your users faster, gain access to the latest performance and security enhancements, and ensure that support is there when you need it. To make your upgrade smooth and successful, check out these release and upgrade resources.
|
Pro Tip Stick to out-of-the-box ServiceNow functionality wherever possible. The process guides in Now Create below provide detailed descriptions of “as designed” ServiceNow functionality for key SecOps capabilities. |
|||
|
Prepare for organizational change To successfully roll out SecOps, you need your business to understand and use SecOps and recognize its benefits. To do this, you need to communicate what’s changing and why and get alignment with your business. A great way to start this process is to hold a kickoff workshop. This community article takes the example of a Vulnerability Response workshop and explains who needs to be involved. More broadly, if you need help creating a winning communications plan, this communications plan template also provides useful advice.
You’ll want to ensure that your security analysts are trained on SecOps by having them take this Security Operations (SecOps) Fundamentals (Instructor-Led | On-Demand) course well as this Welcome to ServiceNow course.
And remember that if you are rolling out Vulnerability Response, your IT team will also be involved in remediating vulnerabilities. If they already use ServiceNow, they will have most of the knowledge they need, since Vulnerability Response integrates seamlessly into their existing ServiceNow IT environment. This documentation page provides specific information on what Vulnerability Response adds.
|
|
|||
|
Bookmark these resources! ServiceNow Impact -- Impact helps you achieve success your way with value and adoption resources, tailored expertise, and 24/7 support. NowSupport -- You can get technical issues resolved quickly by contacting our team comprised of ServiceNow employees with deep product knowledge and real-world experience. Read more here on how to use support. |
|
