With the ServiceNow Zurich release, the Security Operations suite has several exciting updates in both the Enterprise Case Management realm and the Unified Security Exposure Management space
Now Assist for Security Operations
Streamline the incident response process with agentic workflows for Security Incident Response. Automate shift handovers and deliver actionable insights that sharpen security metrics and reduce risk. Generate resolution plans, automate activities & response tasks, run threat look-ups, and gain real-time metrics on MTTA and MTTR, all with agentic workflows. These workflows allow your security teams to operate faster, smarter, and more decisively, unlocking new levels of confidence and resilience.
On the Vulnerability Response side- Now Assist workflows help groups unlocked context-driven remediation by analyzing viable fixes, assessing configuration compatibility and delivering recommendations. Utilize agentic workflows to gain insights on SLA compliance and trends, continuously monitor and assess emerging CVEs, and reduce duplicate vulnerable items.
Process Mining for security workflows
Drive peak performance of security workflows with process mining. Visualize security workflows to identify delays and inefficiencies, and optimize SIR process efficiency with analysis of bottlenecks, ultimately improving SLA adherence and response times. Process Mining also incorporates actual process execution data to support continuous improvement initiatives.
Threat Intelligence Security Center (TISC) feed sharing and exporting
Accelerate your security response and incident prioritization with Threat Intelligence Security Center’s seamless sharing and flexible export of cyber threat data, enabling decisive analysis and reporting. Ingest hi-fidelity intelligence from CrowdStrike with filters for prioritized threat actors, malware families, and targeted industries.
TISC investigation canvas
Experience the future of threat investigation with ServiceNow’s centralized investigation workspace. Filter MITRE TTPs and display nodes on MITRE card for context. Create a new case from canvas and add a canvas from a case for flexible and dynamic investigation mapping.
Vulnerability Response cloud security integrations
With updated integrations, users are now able to ingest Host/Asset and Container Vulnerabilities from Tenable Cloud Security and Wiz, while also monitoring remediation progress, managing risk exceptions, and aligning with ITSM Change Management- all within ServiceNow.
Dynamic exception management requests
By integrating rich context and smart conditional logic, vulnerability teams can create exception questionnaires that include risk assessments with flexible options. Groups are also able to add detailed context for exception requests and use conditional questions for better decision making.
