We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
Security teams are not lacking data. They are lacking time, clarity, and confidence when making decisions under pressure. In Vulnerability Response, analysts and IT remediation owners constantly ask questions such as: Which vulnerabilities are inter...
In the ever-evolving world of cybersecurity, speed and consistency of investigation aren’t just advantages but essentials. It’s common for Security Operation Centers (SOCs) at large organizations to encounter over 1,000 security incidents per month. ...
ServiceNow training and certification sets you and your business up for success, which is why it’s critical to make training an essential part of your ServiceNow program. By building the right skills, you can deliver more value more quickly, increase...
We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
Are you attending Knowledge 26 in Las Vegas May 5-7? This year's Knowledge is a milestone moment for the Security & Risk portfolio with a number of exciting announcements and showcases. Expand your Security knowledge by joining sessions, hands-on lab...
The Problem When configuring the native Microsoft Defender connector in ServiceNow SIR, the connection test fails with an authorization error — even when the required API permissions appear to be configured in Azure. Root Cause The permissions were ...
USEM Reference Guide - What's Changing for IT Remediation Owner Personas If you've recently upgraded to Vulnerability Response v30x with USEM functionality, your IT Remediation Owners may be asking: "Why do I now see three different places to do...
USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
Thank you to everyone who has been joining our Unified Security Exposure Management (USEM) Office Hours. Below you'll find a summary of the top frequently asked questions and answers curated from our USEM Office Hours series. We've also attached the ...
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. We recommend all Vulnerability Management programs have an approved exception process, to maintain compliance with company policies. ServiceNow p...
Join us May 5–7 in Las Vegas for Knowledge 2026, where you can speak with members of the ServiceNow Security Organization. We’ll be at the Knowledge Expo (Venetian Expo, Level 2) all three days, plus you can check out the Now on Now sessions below to...
Overview: With the ingestion of many different assets from many different scanners, we may run across the situation where we have items in the “unmanaged” ci class tables of Unclassed hardware [cmdb_ci_unclassed_hardware], Incomplete IP Identified De...
SecOps Resource Library: Playbooks Getting Started with Playbooks: When to use Flows and Playbooks: https://www.servicenow.com/docs/r/zurich/build-workflows/workflow-studio/when-to-use-flows-and-play…Building Playbooks: https://www.servicenow.co...
From MITRE ATT&CK + D3FEND integration to AI-powered connector building — here are the highlights of what’s new in Security Incident Response (SIR) this quarter. Check out the release notes for more details: https://www.servicenow.com/docs/r/store-re...
Unified Security Exposure Management (USEM) Base Knowledge Product Documentation: USEMServiceNow Store: USEMKey USEM Articles: Essential Information: VR to USEM Upgrade GuidanceUSEM - Release Highlights and Upgrade InformationKB2556844: Migration...
The Discovered Items module is a hidden gem that we can all use to enhance Vulnerability Response and potentially your CMDB. I hope you find this article useful. Any feedback is welcome.
IMPORTANT: For Unified Security Exposure Management (USEM) Migration Guidance refer to Essential Information: VR to USEM Upgrade Guidance ServiceNow Unified Security Exposure Management (USEM) is the next evolution of Vulnerability Response. ...
While using Threat Intelligence Security Center (TISC) to configure a custom RSS feed, the integration appeared to run successfully, but no attachment was created in the Integration Process record. Scenario: A public RSS endpoint was configuredThe in...
The attached QuickStart Guide is a valuable resource to help you get started with Data Loss Prevention Incident Response (DLP IR). It includes steps to get started with an initial use case, a guide to important features, and links to relevant store a...
Overview: As we can imagine, and have most felt, the Configuration Compliance integrations can bring in mass amounts of information and at some times, information that will never be triaged and/or remediated. If you fall into one of these categories,...
Operational Technology Vulnerability Response (OT VR) Base Knowledge Product Documentation: Operational Technology Vulnerability ResponseConfiguring Operational Technology Vulnerability Response ServiceNow Store: Operational Technology Vulnerabil...
Security teams are not lacking data. They are lacking time, clarity, and confidence when making decisions under pressure. In Vulnerability Response, analysts and IT remediation owners constantly ask questions such as: Which vulnerabilities are inter...
When configuring a custom feed (e.g., a REST-based integration that ingests indicators/observables into TISC table), the run fails with an error similar to: Encountered error running the integration. Error: The Data source response processor only s...
Sarah Wood
ServiceNow
LisaLatour
Eric Feron
Mary Hain
seanflack
Steph Morillo
