Improving Usage of CWE, CVE & CPE One common theme to improving the usage of these vulnerability standards across the ServiceNow (SN) platform is to handle the challenges of visibility and accessibility. Unfortunately, it’s common for security profe...
Background: Many of the CISO’s security executives struggle to build awareness of the various accomplishments and struggles related to the enterprise's security posture. Leaders for vulnerability and incident response management need a shared view t...
Our Global Incident Response team keeps a low profile, but their work is critical to detecting and mitigating threats to employee data and network security. In this new blog, GIR team members talk candidly about the power of citizen development. Th...
Incident response teams are faced with an ever-increasing number of security incidents to respond to. In these times of a global pandemic, Cybercriminals have been employing the tactic of sending phishing emails that appear to come from trusted brand...
Hello SecOps Community, I am pleased to be able to share with you the recently finished Performance Analytics for Security Operations document. This document was put together with the hopes of de-mystifying Performance Analytics for security practiti...
Background As part of the journey into managing enterprise vulnerabilities, it’s vital to understand how to prepare for your Vulnerability Response (VR) Deployment. Initially, it might seem overwhelming, but a well thought-out and deliberate approac...
Hi There, This is in continuation of part 1 which i have posted few days back. This include few more terminologies from Security Incident Response which will help you to understand it more. PIR- Post Incident Review Configure Escalation Groups If an...
Why this Article As Simon Sinek points out in his book ‘Start with Why’, ‘the why’ is probably the most crucial question for all of us. Why I wrote this article is pretty simple, I wanted to help people understand how they can leverage the Discovere...
Ever wonder how ServiceNow uses its own products? We have a program we call Now on Now where ServiceNow employees highlight how they are innovating on the product. Listed here are presentations and white papers that relate to SecOps. Now on Now: Ho...
It always helps to understand how ServiceNow products work foundationally and how they are connected to other products, which is the purpose of the following product architectures. Security Incident Response - Product Architecture Blueprint Vuln...
Before starting implementation, it's always a good idea to conduct a process workshop to verify processes and identify requirements. Listed here are process workshop guides you can use to run workshops if you are self-implementing or to prepare if yo...
Before you get started with SecOps, here are some resources to help you get acquainted with features and capabilities. What is Security Operations (SecOps) SecOps Video Overview SecOps FAQs Product Insights- SecOps transformation
In the first episode of a series of three, Keith Reynolds, Sr Advisory Solutions Architect, shares his extensive experience with customers to explain (with in-product demos) how to easily and quickly get started with Security Incident Response, phase...
3/31/2022 Update: Check out this new blog post for additional guidance on configuring MSIM: Getting Started Guide + Video Configuration Walkthrough Dear SecOps Community Members, We’re excited to announce that Major Security Incident Management (M...
Hello Community, Some great news for Security and Risk applications users running AWS workloads. ServiceNow and AWS have expanded their partnership to provide security incident automation & orchestration to your security alerts coming from cloud in...
Note: this article assumes the reader is actively using Discovery and Vulnerability Response Background: How Vulnerabilities are Imported and Managed in ServiceNowVulnerable Items are a key concept in ServiceNow. They represent a Configuration Item w...
As part of the journey into managing enterprise vulnerabilities, it’s vital to understand How to Prepare for your Vulnerability Response (VR) Deployment. Initially, it might seem overwhelming, but a well thought and deliberative approach will take yo...
Who needs to be in the room for a Vulnerability Response Workshop You need the right people in the room to have an effective Vulnerability Response (VR) Management deployment from the beginning. It is critical that key resources and owners of busin...
Automating the Process of "Closing" VIs on Non-Running Red Hat Kernels in VR with the Qualys Integration This post is for anyone using the Qualys integration with Vulnerability Response that has had issues with VIs for the "Red Hat Update for kernel"...
Hi everyone, In the face of the current vulnerability crisis with log4shell, many people have been asking me how ServiceNow can help, and asking here in these forums how ServiceNow is doing with it. Several teams worked together to assemble a two pa...
Sarah Wood
ServiceNow
LisaLatour
Eric Feron
Mary Hain
seanflack
Steph Morillo
