ServiceNow's CISO Ben de Bont discusses why digital technologies, such as Gen AI, are the key to both managing risk and seizing market opportunities in the latest issue of Workflow Quarterly. "Companies of all sizes need a way to define, measure, an...
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. On July 11&12, Lisa Henderson, Sr Staff Software Engineer and I presented how to use Watch Topics, Remediation Efforts, and Remediation Task Rules...
Hello SecOps Community, The ServiceNow VR team has run a very tight schedule of "VR success recommended practices" webinars through 2023 and into 2024. The team of ServiceNow experts has now helped hundreds of VR to get better and faster value fr...
Dear SecOps Community Members, Over the past 3 months, we’ve had many stimulating conversations with our customers and partners on Major Security Incident Management (MSIM). More information about MSIM (including a 5-minute demo) can be found on th...
On Dec. 16, 2025, Erik Brostrom and myself, both from the SecOps Product Excellence team, presented the benefits of the VR Health Dashboard. Following your VR go-live there are a number of tuning and maintenance considerations to maintain a healthy ...
The "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. One of the most requested topics by customers via our customer voice questionnaire is VR Integrations, and as a result, we conducted a recommended...
The "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. After the great feedback from the VR Performance, CI Matching and Assignment & Classification rules webinars earlier this year, I am now pleased t...
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. After the great feedback from the VR Performance and CI Matching calls earlier this month, I am pleased to share with you to the next installment....
Want to learn what’s new in SecOps with the Utah release? Read on for details of six videos you can watch to find out. So what’s new? With Utah, ServiceNow has introduced two major changes within Security Operations:a new Security Incident Response W...
Use this quick reference guide to get started with Vulnerability Response! The attached quick start guides you through the most important features to get value in your Vulnerability Response application.
Vulnerability Response Usage calculations are viewed in a few different areas, Subscription Management and VR Usage summary Report(Starting version v16.5.4). We will discuss how each method calculates usage metrics. The main calculations used for ...
The matching of your CMDB's Configuration Items (CIs) to the list of hosts and vulnerabilities brought in by your scanner is key to the success of your Vulnerability Response (VR) implementation. Here are some resources on CI Matching that will be ...
Hi everyone! The attached guide is focused on getting started with the user reported phishing use case, as a quick-win, and provides a high level walk through of the steps needed to get started. It also includes links to more detailed implementa...
Starting from v18.0, Vulnerability Response brings in cloud attributes for cloud resources from the scanners and makes them available for usage in CI lookup rules and other downstream functions. This enables easy and accurate lookup of cloud resourc...
On February 3, French Computer Emergency Response Team (CERT-FR) reported the exploitation of a 2-year-old vulnerability (CVE-2021-21974) that exists on unpatched ESXi servers. Attackers were able to successfully exploit and launch ransomware attack...
When looking at discovered items, the “State” is showing as “Matched” but CI matching rule is blank. The WHY VR fails to find Discovered item by Source ID VR fails to find a CI match by CI lookup rules IRE does find a CI match VI CI Identifie...
he SecOps Business Unit conducts quarterly roadmap sessions to talk about what is coming in the future. You must be given access to this group. It is a private group. Customers, Partners and employees are welcome. The administrator coordinating this...
Improving Usage of CWE, CVE & CPE One common theme to improving the usage of these vulnerability standards across the ServiceNow (SN) platform is to handle the challenges of visibility and accessibility. Unfortunately, it’s common for security profe...
Background: Many of the CISO’s security executives struggle to build awareness of the various accomplishments and struggles related to the enterprise's security posture. Leaders for vulnerability and incident response management need a shared view t...
Our Global Incident Response team keeps a low profile, but their work is critical to detecting and mitigating threats to employee data and network security. In this new blog, GIR team members talk candidly about the power of citizen development. Th...
Sarah Wood
ServiceNow
Lisa Latour
Eric Feron
Mary Hain
seanflack
Steph Morillo
