Mobile Experience for Security Incident Response

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Mobile Experience for Security Incident Response

    The Security Incident Response (SIR) Mobile app enables SOC managers and security analysts to manage security operations directly from their Android or iOS devices. This app allows users to view, edit, and assign critical security incidents and response tasks efficiently while receiving real-time notifications for new incidents assigned to them.

    Show full answer Show less

    Key Features

    • Access to a list of critical security incidents and response tasks.
    • Receive detailed notifications based on pre-defined criteria for security incidents.
    • Filter and group incidents or tasks using customizable queries.
    • View work notes and related lists for each security incident.
    • Update incidents, add work notes, and attach files.
    • Edit incident details and assign tasks to team members.

    Key Outcomes

    By utilizing the Security Incident Response Mobile app, ServiceNow customers can enhance their ability to manage and respond to cyber threats promptly, ensuring that critical incidents are addressed efficiently, no matter where they are. This mobile capability streamlines communication and task management within the security team, improving overall incident response effectiveness.

    Use your Android or iOS mobile device to manage your security operations center (SOC) tasks.

    Request apps on the Store

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Security Incident Response

    If you’re unfamiliar with the basic concepts of the Security Incident Response ( SIR) product on your ServiceNow AI Platform® instance, see Security Incident Response Overview dashboard for more information about threat intelligence and how this product can help you prioritize and resolve cyberthreats to your organization.

    Mobile experience for SIR overview

    As a security operations center (SOC) manager or a user with the ServiceNow AI Platform security analyst role (sn_si.analyst), you can log in to a ServiceNow AI Platform instance directly from your mobile device. With the Security Incident Response Mobile app, you can view, edit, and assign your most current and critical SIR security incidents and response tasks. Notifications inform you when critical security incidents assigned to you arrive.

    With the Security Incident Response Mobile app, you can perform the following SIR -related tasks from your mobile device:
    • View a list of critical security incidents and response tasks.
    • Receive detailed notifications for security incidents and tasks that meet pre-defined notification criteria.
    • View groupings of security incidents or tasks that are based on a pre-defined set of queries or filters.
    • View the work notes and related lists of security incidents.
    • Update security incidents and add work notes or attachments.
    • Edit the fields on security incidents.
    • Assign security incidents to yourself or to other members of your security team.

    When they’re populated, you can view the following related lists on SIR security incidents with the Security Incident Response Mobile app:

    • Configuration Item
    • Affected User
    • Affected Services
    • Child Security Incidents
    • Similar Security Incidents (not support by ServiceNow AI Platform)
    • Observables
    • Response Tasks
    • Tasks
    • Task SLA
    • Attachments (not support by ServiceNow AI Platform)

    The following figure illustrates how you log in to your ServiceNow AI Platform instance from your mobile device and the structure of the landing screen of the Security Incident Response Mobile app that is displayed after you log in.

    For step-by-step instructions about how to set up your ServiceNow AI Platform instance and install the Security Incident Response Mobile app, see Set up checklist for the Security Incident Response Mobile app. For instructions about how to log in, see Log in to the Security Incident Response Mobile app.

    Figure 1. Security Incident Response Mobile app
    SIR Mobile app structure.
    Applications
    Applications are the ServiceNow® software components such as Security Incident Response (SIR), Vulnerability Response (VR), Governance, Risk, and Compliance (GRC) that provide specific features and functionalities within your ServiceNow AI Platform instance. After you install the Security Incident Response core application and the Security Incident Response Mobile app on your ServiceNow AI Platform instance, the icon for the core application is displayed on the bottom of your Android or iOS mobile device after you log in.
    Figure 2. Security Incident Response Mobile app (Security Incidents) icon
    SIR mobile app icon on mobile device highlighted.
    Folders
    Each ServiceNow® mobile application contains folders that separate the applets by category. In the preceding image of the landing page, Security Incidents and Incident Response Tasks are folders.
    Applets
    Applets are the different options within the application. The icons under the Security Incidents and Incident Response Tasks sections are the available applets of the Security Incident Response Mobile app.