Close
Thank you for your feedback.

Security Operations Integrations release notes

Security Operations Integrations release notes

ServiceNow® Security Operations Integrations enhancements and updates in the Istanbul release.

Activation information

Each integration requires plugin activation and configuration from the Integration Configuration screen. Plugin information for each integration is included in the product documentation for each integration.

New in the Istanbul release

IBM QRadar
The Security Operations QRadar integration uses default workflows to enrich data in security incidents when certain fields are updated. You can also manually execute the workflows to enrich the data.
Palo Alto Networks Firewall
The Palo Alto Networks Firewall integration base system includes a workflow and a series of workflow activities you can use to integrate Firewall with your instance.
Palo Alto Networks Wildfire
The Palo Alto Networks WildFire integration base system includes a workflow and a series of workflow activities you can use to integrate Wildfire with your instance.
Palo Alto Networks AutoFocus
Palo Alto Networks AutoFocus is a threat intelligence cloud service that provides prioritized, actionable cyberthreat intelligence. The Palo Alto Networks AutoFocus integration base system includes a workflow and a series of workflow activities you can use to integrate AutoFocus with your instance.
Tanium Endpoint Platform
The Security Operations Tanium integration uses a workflow and workflow activities to return running processes for affected CIs.
MetaDefender
The MetaDefender integration is available by request. It assists with completing IoC lookups to understand the impact of observables found within a security incident.

Changed in this release

  • Qualys scanner integration enhancements:
    • Enhanced ability for processing results from the Qualys scanner.
    • Qualys can use Qualys asset groups to determine which Qualys appliances to use to scan for vulnerabilities when invoking scans from Qualys integration.
  • VirusTotal Integration: The VirusTotal integration is now available through an orchestration activity and can be initiated within workflows created by you or available as a standard workflow within the product.

Products > Release Notes; Versions > Istanbul