- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 09:17 AM
Hi Everyone,
I am looking for details around the difference between TI Case Management vs TISC Case Management.
Below are the questions I have
1.What is the significance difference between TI case management VS TISC case management.
2.What is the enhancement or additional capabilities that we get in TISC?
3. Why we should recommended customer to switch to TISC case management?
Thanks
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 01:24 PM
Hi @Venkatesh4
The Threat Intelligence (TI) module is a plugin that’s part of Security Incident Response. It's intended to provide those working in the SOC additional insights and threat awareness related to managing security incidents.
On the other hand, the Threat Intelligence Security Center (TISC), is a separate application (i.e., it's distinct from both the SIR and Vulnerability Response apps). It’s intended to be a tool for the "threat hunter" team.
So while there's cross-over between TI and TISC, they have separate and distinct roles, and it's never a case of, for example, migrating/switching from TI to TISC.
I attended a webinar recently (unfortunately I can't find a link to it) where ServiceNow was quite open about admitting that the similar names of these two tools can be confusing. So your questions are very reasonable and you are certainly not alone in asking them.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 01:24 PM
Hi @Venkatesh4
The Threat Intelligence (TI) module is a plugin that’s part of Security Incident Response. It's intended to provide those working in the SOC additional insights and threat awareness related to managing security incidents.
On the other hand, the Threat Intelligence Security Center (TISC), is a separate application (i.e., it's distinct from both the SIR and Vulnerability Response apps). It’s intended to be a tool for the "threat hunter" team.
So while there's cross-over between TI and TISC, they have separate and distinct roles, and it's never a case of, for example, migrating/switching from TI to TISC.
I attended a webinar recently (unfortunately I can't find a link to it) where ServiceNow was quite open about admitting that the similar names of these two tools can be confusing. So your questions are very reasonable and you are certainly not alone in asking them.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 01:43 PM
Hi @Venkatesh4,
Here is a link to the webinar Simon mentioned: Understand Threat Intelligence Security Center's Value to your Organization. Simon highlighted the differences well. Additional insight can be found in the webinar.
Best regards,
Elizabeth

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 01:50 PM
Thank you @Eliz Skogquist. I knew there would be a link to the webinar out there somewhere, so appreciate you supplying it!
And @Venkatesh4, the webinar is well worth watching if you need a good overview of TISC.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2024 03:49 PM
I hate to pile on here, but I strongly recommend this post detailing the innovations and features added in August and November, which will further illustrate the differences between TI and TISC:
https://www.servicenow.com/community/secops-blog/threat-intelligence-security-center-tisc-updates-fr...