Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Security Operations
Table of Contents
Choose your release version
    Home Orlando Security Incident Management Security Operations

    Security Operations

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Security Operations

    ServiceNow® Security Operations brings incident data from your security tools into a structured response engine that uses intelligent workflows, automation, and a deep connection with IT to prioritize and resolve threats based on the impact they pose to your organization.

    Security Operations process overview diagram

    Automate all your security tools and work seamlessly with IT

    With Security Operations, realize the full value of your Now Platform® solution. Many organizations struggle with identifying security threats and vulnerabilities, prioritizing them, and coordinating with IT to remediate them. Using Security Operations, security analysts and vulnerability managers can seamlessly automate their security tools and communicate with IT by working in a unified platform.

    View and download the full infocard for a highlight of Security Operations features.

    Vulnerability management icon
    Identify, prioritize, and remediate vulnerabilities in software, operating systems, and assets

    The ServiceNow® Vulnerability Response application helps organizations identify and respond quickly and efficiently to vulnerabilities. Scan data from leading vendors to give your teams a single platform for response that can be shared between security and IT to resolve vulnerabilities.

    Security lock icon
    Identify, prioritize, and remediate critical security incidents

    The ServiceNow® Security Incident Response application simplifies the process of identifying critical incidents by applying powerful workflow and automation tools that speed up remediation.

    Laptop icon
    Identify, prioritize, and remediate misconfigured assets

    The ServiceNow® Configuration Compliance application prioritizes and remediates misconfigured assets using data gathered from third-party security configuration assessment scans.

    Threat Intelligence icon
    Access your company's Structured Threat Information Expression (STIX) data

    The ServiceNow® Threat Intelligence application helps incident responders find Indicators of Compromise (IoC) and hunt for low-lying attacks and threats. The results are reported directly to security incidents.

    Phone icon
    Access Security Operations with your mobile device

    Access the Vulnerability Response and Security Incident Response applications on your Now Platform instance with your Android or iOS mobile device. As a remediation owner or security analyst, manage security incidents and vulnerability groups so that you can begin remediation without being tied to your desktop.

    Identify, prioritize, and remediate vulnerabilities in software, operating systems, and assets

    Vulnerability Response workflow

    The Vulnerability Response application imports and automatically groups vulnerable items according to group rules enabling you to remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the National Vulnerability Database (NVD) or third-party integrations. Compare vulnerability data pulled from internal and external sources. For any vulnerable items, create change requests and security incidents using vulnerability groups to remediate issues and mitigate risk.

    Identify, prioritize, and remediate critical security incidents

    Security Incident Response integrated workflow

    With the Security Incident Response (SIR) application, integrate your existing Security Information and Event Manager (SIEM) tools with Security Operations applications to import threat data (via APIs or email alerts), and automatically create prioritized security incidents. Manage the life cycle of your security incidents from initial analysis to containment, eradication, and recovery. The Security Incident Response application enables you to get a comprehensive understanding of incident response procedures performed by your analysts, and understand trends and bottlenecks in those procedures with analytic-driven dashboards and reporting.

    Identify, prioritize, and remediate misconfigured assets

    Configuration Compliance dashboard

    With the Configuration Compliance application, use test results obtained from third-party Strong Customer Authentication (SCA) integrations to verify compliance with security or corporate policies. This application uses the assets listed on the ServiceNow® Configuration Management Database (CMDB) to determine which items are most critical. Workflows and automation enable quick action against individual assets or groups for bulk changes. Identify and remediate non-compliant configuration items. Automatically import policies, tests, authoritative sources, and technologies and assign test results to groups or individuals for remediation.

    Access your company's Structured Threat Information Expression (STIX) data.

    Threat Intelligence lookup results

    Use the Threat Intelligence application to automatically search threat feeds for relevant information when an IoC is connected to a security incident and can send IoCs to third-party sources for additional analysis. The Threat Intelligence application uses Structured Threat Information Expression (STIX) as a language to describe cyber threat information in a standardized and structured manner.

    Mobile experience for Security Operations

    Vulnerability Response mobile menu

    Access the Vulnerability Response and Security Incident Response applications on your Now Platform instance with your Android or iOS mobile device.

    Get started

    • For an overview about Security Operations in your Now Platform instance, see Understanding Security Operations.
    • For information about all the Security Operations applications available for download from the ServiceNow Store, see Security Operations and the ServiceNow Store.

    Applications and features

    • Vulnerability Response
    • Security Incident Response
    • Configuration Compliance
    • Threat Intelligence

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Security Operations

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Security Operations

      ServiceNow® Security Operations brings incident data from your security tools into a structured response engine that uses intelligent workflows, automation, and a deep connection with IT to prioritize and resolve threats based on the impact they pose to your organization.

      Security Operations process overview diagram

      Automate all your security tools and work seamlessly with IT

      With Security Operations, realize the full value of your Now Platform® solution. Many organizations struggle with identifying security threats and vulnerabilities, prioritizing them, and coordinating with IT to remediate them. Using Security Operations, security analysts and vulnerability managers can seamlessly automate their security tools and communicate with IT by working in a unified platform.

      View and download the full infocard for a highlight of Security Operations features.

      Vulnerability management icon
      Identify, prioritize, and remediate vulnerabilities in software, operating systems, and assets

      The ServiceNow® Vulnerability Response application helps organizations identify and respond quickly and efficiently to vulnerabilities. Scan data from leading vendors to give your teams a single platform for response that can be shared between security and IT to resolve vulnerabilities.

      Security lock icon
      Identify, prioritize, and remediate critical security incidents

      The ServiceNow® Security Incident Response application simplifies the process of identifying critical incidents by applying powerful workflow and automation tools that speed up remediation.

      Laptop icon
      Identify, prioritize, and remediate misconfigured assets

      The ServiceNow® Configuration Compliance application prioritizes and remediates misconfigured assets using data gathered from third-party security configuration assessment scans.

      Threat Intelligence icon
      Access your company's Structured Threat Information Expression (STIX) data

      The ServiceNow® Threat Intelligence application helps incident responders find Indicators of Compromise (IoC) and hunt for low-lying attacks and threats. The results are reported directly to security incidents.

      Phone icon
      Access Security Operations with your mobile device

      Access the Vulnerability Response and Security Incident Response applications on your Now Platform instance with your Android or iOS mobile device. As a remediation owner or security analyst, manage security incidents and vulnerability groups so that you can begin remediation without being tied to your desktop.

      Identify, prioritize, and remediate vulnerabilities in software, operating systems, and assets

      Vulnerability Response workflow

      The Vulnerability Response application imports and automatically groups vulnerable items according to group rules enabling you to remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the National Vulnerability Database (NVD) or third-party integrations. Compare vulnerability data pulled from internal and external sources. For any vulnerable items, create change requests and security incidents using vulnerability groups to remediate issues and mitigate risk.

      Identify, prioritize, and remediate critical security incidents

      Security Incident Response integrated workflow

      With the Security Incident Response (SIR) application, integrate your existing Security Information and Event Manager (SIEM) tools with Security Operations applications to import threat data (via APIs or email alerts), and automatically create prioritized security incidents. Manage the life cycle of your security incidents from initial analysis to containment, eradication, and recovery. The Security Incident Response application enables you to get a comprehensive understanding of incident response procedures performed by your analysts, and understand trends and bottlenecks in those procedures with analytic-driven dashboards and reporting.

      Identify, prioritize, and remediate misconfigured assets

      Configuration Compliance dashboard

      With the Configuration Compliance application, use test results obtained from third-party Strong Customer Authentication (SCA) integrations to verify compliance with security or corporate policies. This application uses the assets listed on the ServiceNow® Configuration Management Database (CMDB) to determine which items are most critical. Workflows and automation enable quick action against individual assets or groups for bulk changes. Identify and remediate non-compliant configuration items. Automatically import policies, tests, authoritative sources, and technologies and assign test results to groups or individuals for remediation.

      Access your company's Structured Threat Information Expression (STIX) data.

      Threat Intelligence lookup results

      Use the Threat Intelligence application to automatically search threat feeds for relevant information when an IoC is connected to a security incident and can send IoCs to third-party sources for additional analysis. The Threat Intelligence application uses Structured Threat Information Expression (STIX) as a language to describe cyber threat information in a standardized and structured manner.

      Mobile experience for Security Operations

      Vulnerability Response mobile menu

      Access the Vulnerability Response and Security Incident Response applications on your Now Platform instance with your Android or iOS mobile device.

      Get started

      • For an overview about Security Operations in your Now Platform instance, see Understanding Security Operations.
      • For information about all the Security Operations applications available for download from the ServiceNow Store, see Security Operations and the ServiceNow Store.

      Applications and features

      • Vulnerability Response
      • Security Incident Response
      • Configuration Compliance
      • Threat Intelligence

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login