Security Operations Bring incident data from your security tools into a structured response engine that uses intelligent workflows, automation, and a deep connection with IT to prioritize and resolve threats based on the impact they pose to your organization. Security Incident ResponseThe ServiceNow® Security Incident Response application tracks the progress of security incidents from discovery and initial analysis, through containment, eradication, and recovery, and into the final post incident review, knowledge base article creation, and closure. Vulnerability ResponseThe National Vulnerability Database (NVD) and many other sources collect information about known vulnerabilities, such as weaknesses in software, operating systems that can be exploited by malware, and other attacks. The ServiceNow® Vulnerability Response application aids you in tracking, prioritizing, and resolving these vulnerabilities.Configuration ComplianceConfiguration Compliance is a Secure Configuration Assessment (SCA) application that aggregates scan results from integrations with configuration scanning applications, such as Qualys Cloud Platform. You can prioritize configuration compliance issues using the Configuration Management Database (CMDB). Configuration Compliance tightly integrates with the IT change management process to remediate non-compliant configurations. Threat IntelligenceThe ServiceNow® Threat Intelligence application is used to access and provide a point of reference for your company's Structured Threat Information Expression (STIX) data. Included in Threat Intelligence is the Security Case Management application, which provides a means for analyzing threats to your organization posed by targeted campaigns or state actors. Trusted Security CirclesThe Trusted Security Circles application allows you and other users to generate and receive community-sourced observables (in the form of IP addresses, hashes, domains, URLs, and so forth) with the goal of improving threat prioritization and to shorten the time to identify and remediate threats. Security Operations integrationsSeveral integrations are included with the Security Operations applications (Security Incident Response, Threat Intelligence, Configuration Compliance, and Vulnerability Response). This section provides instructions for activating the plugins and configuring both ServiceNow and third-party integrations. Also included are some basic guidelines for developing your own integrations, as well as details on specific integrations included in the base system.Security Operations common functionalityWhenever any of the plugins for the main Security Operations applications (Security Incident Response, Vulnerability Response, Threat Intelligence, or Configuration Compliance) are activated, the Security Support Common plugin is activated. This plugin loads various modules that provide functionality that is common across all Security Operations applications.