Security Operations integrations Several integrations are included with the Security Operations applications (Security Incident Response, Threat Intelligence, and Vulnerability Response). This section provides instructions for activating the plugins and configuring the integrations. Also included are some basic guidelines for developing your own integrations, as well as details on specific integrations included in the base system. ServiceNow Security Operations integration development guidelinesThe ServiceNow platform provides several mechanisms for developing integrations with external systems. The ServiceNow Security Operations product suite adds integration capabilities intended to streamline the process of integrating with security-focused external systems. IBM QRadar integrationSecurity Operations QRadar Integration uses default workflows to enrich data in security incidents when certain fields are updated. You can also manually execute the workflows to enrich the data.Palo Alto Networks IntegrationThe Security Operations Palo Alto Networks consists of three products you can use to identify and remediate malware: Palo Alto Autofocus, Palo Alto Firewall, and Palo Alto WildFire.Qualys Cloud Platform integrationIf your organization uses the Qualys Cloud Platform integration to detect vulnerabilities, you can integrate it with Vulnerability Response. When the third-party Qualys scanner detects vulnerability data, that data is imported to Vulnerability Response for tracking, prioritization, and resolution.ServiceNow Security Operations add-on for Splunk integrationWhen Splunk is integrated with the ServiceNow Security Operations applications, you can seamlessly create security incidents or events from Splunk events, alerts, and logs. After you have downloaded the ServiceNow Security Operations add-on for Splunk from Splunkbase, you are ready to use the integration to create the desired security records.Tanium integrationSecurity Operations Tanium Integration uses a workflow and workflow activities to return running processes for affected CIs.VirusTotal integrationThe VirusTotal integration enables you to request the analysis of suspicious IP addresses, hashes, and URL addresses to aid in your investigation to determine if they are malicious.