Activate Threat Intelligence

The Threat Intelligence plugin is available as a separate subscription. Unless the Security Incident Response plugin is activated, some workflow and threat functionality is not available. You can activate Security Incident Response before or after Threat Intelligence activation.

Before you begin

Role required: admin

About this task

Threat Intelligence activates these related plugins if they are not already active.
Table 1. Plugins for Threat Intelligence
Plugin Description
Security Support Orchestration

[com.snc.secops.orchestration]

Provides an integration of Security Operations with Orchestration to allow the facilitation of workflow activities within Security Incident Response, Threat Intelligence, or Vulnerability Response.

To purchase a subscription, contact your ServiceNow account manager. After purchasing the subscription, activate the plugin within the production instance.

Procedure

  1. Navigate to System Definition > Plugins.
  2. Find and click the plugin name.
  3. On the System Plugin form, review the plugin details and then click the Activate/Upgrade related link.

    If the plugin depends on other plugins, these plugins are listed along with their activation status.

    If the plugin has optional features that depend on other plugins, those plugins are listed under Some files will not be loaded because these plugins are inactive. The optional features are not installed until the listed plugins are installed (before or after the installation of the current plugin).

  4. (Optional) If available, select the Load demo data check box.

    Some plugins include demo data—Sample records that are designed to illustrate plugin features for common use cases. Loading demo data is a good practice when you first activate the plugin on a development or test instance.

    You can also load demo data after the plugin is activated by clicking the Load Demo Data Only related link on the System Plugin form.

  5. Click Activate.