- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
zScaler and ServiceNow have teamed up to give joint customers the ability to leverage zScaler Internet Access and Threat intelligence with the workflow and automation capabilities of ServiceNow Security Incident Response (SIR).
The new integration between ServiceNow SIR and zScaler Internet Access allows security and IT teams to respond faster to emerging threats by adding Zscaler threat intelligence to incident response orchestration workflows and playbooks. Customers can now orchestrate blocking directly from ServiceNow back into Zscaler, in response to threats, and get prioritized notifications of patient zero alerts for immediate investigation. These automated capabilities reduce response time by minimizing manual triage tasks, increasing the IT team’s speed and productivity.
The features in this integration include:
- Automatic creation of security incident in SIR using email parser
- Context enrichment of security incident by performing file hash lookup and fetching sandbox analysis report from Zscaler
- Facilitate automatic workflow in SIR with approval to whitelist or blacklist network related IoCs (URIs/Domains/IPs) in Zscaler tenant Custom Block Lists.
The new integration along with deployment notes are available in the ServiceNow Store
- 964 Views
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
