SecOps Resource Library: Playbooks Getting Started with Playbooks: When to use Flows and Playbooks: https://www.servicenow.com/docs/r/zurich/build-workflows/workflow-studio/when-to-use-flows-and-play…Building Playbooks: https://www.servicenow.co...
From MITRE ATT&CK + D3FEND integration to AI-powered connector building — here are the highlights of what’s new in Security Incident Response (SIR) this quarter. Check out the release notes for more details: https://www.servicenow.com/docs/r/store-re...
Unified Security Exposure Management (USEM) Base Knowledge Product Documentation: USEMServiceNow Store: USEMKey USEM Articles: Essential Information: VR to USEM Upgrade GuidanceUSEM - Release Highlights and Upgrade InformationKB2556844: Migration...
The Discovered Items module is a hidden gem that we can all use to enhance Vulnerability Response and potentially your CMDB. I hope you find this article useful. Any feedback is welcome.
IMPORTANT: For Unified Security Exposure Management (USEM) Migration Guidance refer to Essential Information: VR to USEM Upgrade Guidance ServiceNow Unified Security Exposure Management (USEM) is the next evolution of Vulnerability Response. ...
While using Threat Intelligence Security Center (TISC) to configure a custom RSS feed, the integration appeared to run successfully, but no attachment was created in the Integration Process record. Scenario: A public RSS endpoint was configuredThe in...
The attached QuickStart Guide is a valuable resource to help you get started with Data Loss Prevention Incident Response (DLP IR). It includes steps to get started with an initial use case, a guide to important features, and links to relevant store a...
Overview: As we can imagine, and have most felt, the Configuration Compliance integrations can bring in mass amounts of information and at some times, information that will never be triaged and/or remediated. If you fall into one of these categories,...
Operational Technology Vulnerability Response (OT VR) Base Knowledge Product Documentation: Operational Technology Vulnerability ResponseConfiguring Operational Technology Vulnerability Response ServiceNow Store: Operational Technology Vulnerabil...
Security teams are not lacking data. They are lacking time, clarity, and confidence when making decisions under pressure. In Vulnerability Response, analysts and IT remediation owners constantly ask questions such as: Which vulnerabilities are inter...
When configuring a custom feed (e.g., a REST-based integration that ingests indicators/observables into TISC table), the run fails with an error similar to: Encountered error running the integration. Error: The Data source response processor only s...
2026 Security Operations Events We look forward to welcoming you at our 2026 Security Operations events! Check out the links below to register and please be sure to bookmark this page as we will be updating the list regularly. UPCOMING EVENTS: M...
Executive Summary Zero-trust architecture represents a fundamental shift in cybersecurity strategy—from perimeter-based defenses to continuous verification of every access request. As organizations grapple with remote workforces, cloud migrations, ...
In the ever-evolving world of cybersecurity, speed and consistency of investigation aren’t just advantages but essentials. It’s common for Security Operation Centers (SOCs) at large organizations to encounter over 1,000 security incidents per month. ...
Performance Overview Performance considerations are important for larger volume tables and integrations in ServiceNow, primarily around data processing and user experience. With Vulnerability Response, it is recommended to review these key Su...
In continuation of the "Success with VR" webinar series, May 15 & 16, William Tran, Sr. Business Process Consultant, from ServiceNow's Expert Services team joined me for a session reviewing "A Day in the Life of a Remediation Owner". When rolling ou...
Transform Integration Building from Weeks to Hours!We're thrilled to announce a game-changing innovation that will revolutionize how security integrations are built: the LLM-Powered Security Incident Response (SIR) Integration Builder. This groundbre...
You’ve invested significant time and resources into your ServiceNow deployment, and as your organization scales its use of the platform, security hardening is critical. It helps you protect sensitive data, maintain compliance, and ensure operational ...
Welcome to ServiceNow® Security Operations (SecOps) Are you ready to start your SecOps implementation journey? This guide gives you valuable information you can share with your team, including proven guidance and links to key resources—all designed...
The more you know - SecOps and CMDB Interactions (Video) Need a refresher on SecOps (VR / CC) and CMDB? Curious about how CMDB IRE fits in with the SecOps CMDB CI Lookup process? Found yourself saying - “wait… so all of the unknown hosts from V...
Sarah Wood
ServiceNow
LisaLatour
Eric Feron
Mary Hain
seanflack
Steph Morillo
