Security Operations Bring incident data from your security tools into a structured response engine that uses intelligent workflows, automation, and a deep connection with IT to prioritize and resolve threats based on the impact they pose to your organization. Security Incident ResponseThe ServiceNow® Security Incident Response application tracks the progress of security incidents from discovery and initial analysis, through containment, eradication, and recovery, and into the final post incident review, knowledge base article creation, and closure. Vulnerability ResponseThe National Vulnerability Database (NVD) and many other sources collect information about known vulnerabilities, such as weaknesses in software, operating systems that can be exploited by malware, and other attacks. The ServiceNow® Vulnerability Response application aids you in tracking, prioritizing, and resolving these vulnerabilities.Threat IntelligenceThe ServiceNow® Threat Intelligence application is used to access and provide a point of reference for your company's Structured Threat Information Expression (STIX) data. STIX is a language for describing cyber threat information in a standardized and structured manner. Security Operations integrationsSeveral integrations are included with the Security Operations applications (Security Incident Response, Threat Intelligence, and Vulnerability Response). This section provides instructions for activating the plugins and configuring the integrations. Also included are some basic guidelines for developing your own integrations, as well as details on specific integrations included in the base system.Security Operations common functionalityWhenever any of the plugins for the main Security Operations applications (Security Incident Response, Vulnerability Response, or Threat Intelligence) are activated, the Security Support Common plugin is activated. This plugin loads various modules that provide functionality that is common across all Security Operations applications.