ServiceNow integration with Rapid7, Carbon Black, Varoins
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-20-2023 05:06 AM
Hello Everyone,
One of customer do not have Secops module in place and not planning to have it either.
However we are being requested to integrate the Rapid7, Carbon Black and Varoins with ServiceNow in order to have events sent to ServiceNow and then convert those events into Incident. This looks like a typical event mgmt integration in itself.
We would like to know, if we can use the plugins of Rapid7, Carbon Black and Varoins irrespective of whether we have SecOps or not, as we do not want the SecOps features VR features here but rather wants security incidents created directly in ServiceNow using this plugins.
OR
the plugins for Rapid7, Carbon Black and Varoins are available only if SecOps module is purchased??
Or are these available as part of Integration Hub licenses?
Can someone please help us with detailed clarification above queries.
Regards,
Hanumant

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-20-2023 08:36 AM
Hi Hanumant,
Check the dependencies link for the apps in the Store. In some cases there may be 3rd party integrations for ITSM that may help you achieve your goals, but they will not have the features & functionality of the apps built for Security Incident Response and Vulnerability Response. The apps built for Security Operations (i.e. SIR, VR, etc.) whether built by ServiceNow or the 3rd parties, have a dependency on the Security Operations framework and other plugins that are only available when the Security Operations apps have been purchased.
Integration Hub is a separate product and the apps are not part of it. As previously mentioned, check the dependencies listed for the apps in the Store.
Good luck.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-17-2023 07:37 AM
without SecOps plugins, can we consume events from these systems via webservices and convert them into INC?
is this feasible and what level of customization is needed ?
Regards,
HM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-04-2023 04:35 PM
As you mentioned you want Security Incidents created directly, did you explore the possibility of consuming emails from these systems in ServiceNow using the Email Parser functionality that comes with SIR?