Activate Threat Intelligence

The Threat Intelligence plugin is available as a separate subscription. Unless the Security Incident Response plugin is activated, some workflow and threat functionality is not available. You can activate Security Incident Response before or after Threat Intelligence activation.

Before you begin

Role required: admin

About this task

Threat Intelligence activates these related plugins if they are not already active.
Table 1. Plugins for Threat Intelligence
Plugin Description
Security Support Orchestration

[com.snc.secops.orchestration]

Provides an integration of Security Operations with Orchestration to allow the facilitation of workflow activities within Security Incident Response, Threat Intelligence or Vulnerability Response.

To purchase a subscription, contact your ServiceNow account manager. After purchasing the subscription, activate the plugin within the production instance.

Procedure

  1. Navigate to System Definition > Plugins.
  2. Find and click the plugin name.
  3. On the System Plugin form, review the plugin details and then click the Activate/Upgrade related link.

    If the plugin depends on other plugins, these plugins are listed along with their activation status.

    If the plugin has optional features that are not functional because other plugins are inactive, those plugins are listed. A warning states that some files are not installed. If you want the optional features to be installed, cancel this activation, activate the necessary plugins, and then return to activating the plugin.

  4. (Optional) If available, select the Load demo data check box.

    Some plugins include demo data—sample records that are designed to illustrate plugin features for common use cases. Loading demo data is a good policy when you first activate the plugin on a development or test instance.

    You can also load demo data after the plugin is activated by clicking the Load Demo Data Only related link on the System Plugin form.

  5. Click Activate.