Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Security Operations Integration - Threat Lookup workflow

Security Operations Integration - Threat Lookup workflow

The Security Operations Integration - Threat Lookup capability workflow accesses available threat lookup implementations and executes the implementation workflows associated with each to perform threat lookups of selected observables.

Before you begin

Role required: sn_ti.write

About this task

This workflow can be triggered in these ways:
  • by selecting one or more observables from the Observables list and selecting Run threat lookup from the Actions on selected rows choice list.
  • by opening an observable record and clicking the Run threat lookup related link.
  • From the Observables related list in a security incident.

Each method then allows you to specify which lookup implementations to be used to scan the selected observables. The associated implementation workflows are executed to perform the lookups.

Security Operations Integration - Threat Lookup

Workflow process activities include: