Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store

Security Operations common functionality release notes

Security Operations common functionality release notes

ServiceNow® Security Operations Common product enhancements and updates in the Kingston release.

Activation information

Whenever any of the plugins for the main Security Operations applications (Security Incident Response, Vulnerability Response, Threat Intelligence, or Configuration Compliance) are activated, the Security Support Common plugin is activated. This plugin loads various modules that provide functionality that is common across all Security Operations applications.

New in the Kingston release

User-Reported Phishing
Allows security teams to automatically create security incidents from EML attachments that are forwarded to ServiceNow. Email search criteria are also generated based on observables that are parsed from the EML file.
CI Identifier Rules
Allows security administrators to configure the tables and fields within the CMDB that are used to look up existing Configuration Items when importing Vulnerable Items. Rules are extensible to accommodate attribution and data that may be unique to a customer environment.

Changes to site functionality will be made starting around 6am on January 21st (Pacific Time) and lasting approximately 6 hours.  The site may be intermittently unavailable.