What's New in Vancouver for ServiceNow Security Operations Products
ServiceNow's Security Operations suite is expanding with new innovations in the Vancouver release. There are a few notable upgrades to both the Security Incident Response, and Vulnerability Response SKUs.
Security Incident Response Innovations
Dashboards within the Security Incident Response Workspace have been upgraded to a new user experience with the Vancouver release. This new interface delivers improved usability and ease of customization, while allowing insights to be shared easily with SOC leaders and other collaborative teams. While many dashboards are available now, there are more coming in the future.
Data Loss Prevention Incident Response Updates
With ServiceNow's Unified DLP Incident Response, you can now define custom workflows so you're able to assign incidents to any users involved in the workflow, move incidents to a pre-defined or custom state, and use custom fields to store incident specific data. You can automatically consolidate multiple incidents as child incidents under one parent based on custom criteria making alerts more manageable. The integrations supported in this space include Symantec, Proofpoint, Netskope, and Microsoft Purview. These updates bring improvements to analyst’s capabilities within the product, helping streamline and make their work easier to manage.
Vulnerability Response Innovations
With SBOM you gain rapid, centralized visibility into the vulnerabilities associated with third-party components across the organization, including applications, libraries, containers, and more. In conjunction with Vulnerability Response, you can easily assess high-risk open-source software in your environment and respond with automated workflows. Armed with these insights, you can also benefit from remediation workflow support for these critical issues, thus reducing vulnerability risks.
Unified Vulnerability Response Dashboard
The Unified Vulnerability Response Dashboard centralizes infrastructure, cloud, container, and application risks into a single view, providing visibility to the business. It shows critical assets, vulnerabilities and recommended remediation efforts needed to reduce risk as well as aggregated risk posture on organizational units.
Integrations
With Vulnerability Response Professional and Enterprise, utilize our integration with Prisma Cloud to ingest container vulnerabilities data. Create Jira issues corresponding to Remediation Tasks or Vulnerability Items of Applications/Containers. Additionally, track remediation progress by syncing Jira issue status into ServiceNow and move between Jira and VR with the deep links. You also gain the ability to choose between Automatic vs Manual creation of Jira issues, and map to custom issue types and custom attributes in Jira.
Gain visibility into health metrics to monitor health of your Vulnerability Response applications. Get comprehensive insights across configuration, implementation, integration, performance, data, and process to pinpoint issues affecting system health.
To learn more about new and updated features, view the Security Operations Vancouver release notes.
