Security Incident Response provides a rich set of playbook resources that include a
comprehensive library of playbooks, subflows, and actions. You can create or configure playbooks
quickly and easily without writing complicated code. You can use these playbooks to resolve
security threats in a step-by-step manner.
Playbook resources include the following:
Table 1.
Security Incident Response Playbooks |
Action Library |
The playbooks provided with the base system are designed to accelerate the
security incident investigation process by automating complex and mundane
tasks.
Playbooks are highly configurable and are built using ServiceNow's Flow Designer
technology. To configure, copy the playbook provided with the base system and
modify it using the simple drag-and-drop graphical interface. See Security Incident Response Playbooks.
|
Complex actions that are critical for building playbooks are available as
Action Libraries. These Action Libraries enable security
administrators to create playbooks without writing any complicated code. See Action Library. |