Difference between TI Case Management vs TISC Case Management

Venkatesh4 · ‎12-03-2024

Hi Everyone,

I am looking for details around the difference between TI Case Management vs TISC Case Management.

Below are the questions I have

1.What is the significance difference between TI case management VS TISC case management.

2.What is the enhancement or additional capabilities that we get in TISC?

3. Why we should recommended customer to switch to TISC case management?

Thanks

Simon Hendery · ‎12-03-2024

Hi @Venkatesh4

The Threat Intelligence (TI) module is a plugin that’s part of Security Incident Response. It's intended to provide those working in the SOC additional insights and threat awareness related to managing security incidents.

On the other hand, the Threat Intelligence Security Center (TISC), is a separate application (i.e., it's distinct from both the SIR and Vulnerability Response apps). It’s intended to be a tool for the "threat hunter" team.

So while there's cross-over between TI and TISC, they have separate and distinct roles, and it's never a case of, for example, migrating/switching from TI to TISC.

I attended a webinar recently (unfortunately I can't find a link to it) where ServiceNow was quite open about admitting that the similar names of these two tools can be confusing. So your questions are very reasonable and you are certainly not alone in asking them.

View solution in original post

Simon Hendery · ‎12-03-2024

Hi @Venkatesh4

The Threat Intelligence (TI) module is a plugin that’s part of Security Incident Response. It's intended to provide those working in the SOC additional insights and threat awareness related to managing security incidents.

On the other hand, the Threat Intelligence Security Center (TISC), is a separate application (i.e., it's distinct from both the SIR and Vulnerability Response apps). It’s intended to be a tool for the "threat hunter" team.

So while there's cross-over between TI and TISC, they have separate and distinct roles, and it's never a case of, for example, migrating/switching from TI to TISC.

I attended a webinar recently (unfortunately I can't find a link to it) where ServiceNow was quite open about admitting that the similar names of these two tools can be confusing. So your questions are very reasonable and you are certainly not alone in asking them.

Eliz Skogquist · ‎12-03-2024

Hi @Venkatesh4,

Here is a link to the webinar Simon mentioned: Understand Threat Intelligence Security Center's Value to your Organization. Simon highlighted the differences well. Additional insight can be found in the webinar.

Best regards,

Elizabeth

Simon Hendery · ‎12-03-2024

Thank you @Eliz Skogquist. I knew there would be a link to the webinar out there somewhere, so appreciate you supplying it!

And @Venkatesh4, the webinar is well worth watching if you need a good overview of TISC.

Tim Boswell · ‎12-03-2024

I hate to pile on here, but I strongly recommend this post detailing the innovations and features added in August and November, which will further illustrate the differences between TI and TISC:
https://www.servicenow.com/community/secops-blog/threat-intelligence-security-center-tisc-updates-fr...