USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
Security teams are not lacking data. They are lacking time, clarity, and confidence when making decisions under pressure. In Vulnerability Response, analysts and IT remediation owners constantly ask questions such as: Which vulnerabilities are inter...
In the ever-evolving world of cybersecurity, speed and consistency of investigation aren’t just advantages but essentials. It’s common for Security Operation Centers (SOCs) at large organizations to encounter over 1,000 security incidents per month. ...
ServiceNow training and certification sets you and your business up for success, which is why it’s critical to make training an essential part of your ServiceNow program. By building the right skills, you can deliver more value more quickly, increase...
USEM Reference Guide - What's Changing for IT Remediation Owner Personas If you've recently upgraded to Vulnerability Response v30x with USEM functionality, your IT Remediation Owners may be asking: "Why do I now see three different places to do...
USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
Thank you to everyone who has been joining our Unified Security Exposure Management (USEM) Office Hours. Below you'll find a summary of the top frequently asked questions and answers curated from our USEM Office Hours series. We've also attached the ...
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. We recommend all Vulnerability Management programs have an approved exception process, to maintain compliance with company policies. ServiceNow p...
Join us May 5–7 in Las Vegas for Knowledge 2026, where you can speak with members of the ServiceNow Security Organization. We’ll be at the Knowledge Expo (Venetian Expo, Level 2) all three days, plus you can check out the Now on Now sessions below to...
Overview: With the ingestion of many different assets from many different scanners, we may run across the situation where we have items in the “unmanaged” ci class tables of Unclassed hardware [cmdb_ci_unclassed_hardware], Incomplete IP Identified De...
SecOps Resource Library: Playbooks Getting Started with Playbooks: When to use Flows and Playbooks: https://www.servicenow.com/docs/r/zurich/build-workflows/workflow-studio/when-to-use-flows-and-play…Building Playbooks: https://www.servicenow.co...
From MITRE ATT&CK + D3FEND integration to AI-powered connector building — here are the highlights of what’s new in Security Incident Response (SIR) this quarter. Check out the release notes for more details: https://www.servicenow.com/docs/r/store-re...
We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
Unified Security Exposure Management (USEM) Base Knowledge Product Documentation: USEMServiceNow Store: USEMKey USEM Articles: Essential Information: VR to USEM Upgrade GuidanceUSEM - Release Highlights and Upgrade InformationKB2556844: Migration...
The Discovered Items module is a hidden gem that we can all use to enhance Vulnerability Response and potentially your CMDB. I hope you find this article useful. Any feedback is welcome.
IMPORTANT: For Unified Security Exposure Management (USEM) Migration Guidance refer to Essential Information: VR to USEM Upgrade Guidance ServiceNow Unified Security Exposure Management (USEM) is the next evolution of Vulnerability Response. ...
While using Threat Intelligence Security Center (TISC) to configure a custom RSS feed, the integration appeared to run successfully, but no attachment was created in the Integration Process record. Scenario: A public RSS endpoint was configuredThe in...
The attached QuickStart Guide is a valuable resource to help you get started with Data Loss Prevention Incident Response (DLP IR). It includes steps to get started with an initial use case, a guide to important features, and links to relevant store a...
Overview: As we can imagine, and have most felt, the Configuration Compliance integrations can bring in mass amounts of information and at some times, information that will never be triaged and/or remediated. If you fall into one of these categories,...
Operational Technology Vulnerability Response (OT VR) Base Knowledge Product Documentation: Operational Technology Vulnerability ResponseConfiguring Operational Technology Vulnerability Response ServiceNow Store: Operational Technology Vulnerabil...
Security teams are not lacking data. They are lacking time, clarity, and confidence when making decisions under pressure. In Vulnerability Response, analysts and IT remediation owners constantly ask questions such as: Which vulnerabilities are inter...
When configuring a custom feed (e.g., a REST-based integration that ingests indicators/observables into TISC table), the run fails with an error similar to: Encountered error running the integration. Error: The Data source response processor only s...
2026 Security Operations Events We look forward to welcoming you at our 2026 Security Operations events! Check out the links below to register and please be sure to bookmark this page as we will be updating the list regularly. UPCOMING EVENTS: A...
Executive Summary Zero-trust architecture represents a fundamental shift in cybersecurity strategy—from perimeter-based defenses to continuous verification of every access request. As organizations grapple with remote workforces, cloud migrations, ...
Sarah Wood
ServiceNow
LisaLatour
Eric Feron
Mary Hain
seanflack
Steph Morillo
