The Now Platform® Washington DC release is live. Watch now!

Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Sign up for the new ServiceNow/AWS Security Hub integration

Eric Feron
Moderator
Moderator

on ‎06-24-2019 12:17 PM

Hello Community, 

Some great news for Security and Risk applications users running AWS workloads. 

ServiceNow and AWS have expanded their partnership to provide security incident automation & orchestration to your security alerts coming from cloud infrastructure hosted in AWS.  

find_real_file.png

AWS Security Hub provides customers with a single place that aggregates, organizes and prioritizes security alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector and Amazon Macie, as well as from AWS Partner solutions.

With this new partnership, Security Operations will provide data-driven and automated incident response to AWS customers. 

Once an alert is generated in Security Hub that meets defined criteria, an incident or ticket is created in Security Operations. For example, in Security Operations, threat lookups and observable enrichment are automatically run on the security incidents, and the operator can assign predefined workflows aligned to the incident category (e.g. malware, phishing, etc.). Analysts can also manually forward selected events on-demand from the AWS Security Hub console. 

Using built-in workflows, ServiceNow then routes the incident to the correct personnel or response tools to contain the threat. Post-incident reporting, customizable dashboards and metrics help teams improve processes going forward and provide a view of the overall security posture. 

 

If you are interested in joining the early adopter program, please sign up here

The team will get in touch with you for next steps. 

  

Demo:

 

For more information

 

 

Preview file
46 KB
  • 1,534 Views
Comments
G Balaji
Kilo Guru
‎06-25-2019 10:02 AM

I'm interested in this. However, I'm not sure if me as an individual could participate in this program. Kindly let me know if there is an option to participate. Thanks.

Deepak Kolingiv
ServiceNow Employee
ServiceNow Employee
‎06-25-2019 04:42 PM

Hi Balaji - Thank you for your interest. We are primarily looking to work with customers/partners/prospects for exploring the use cases they have with performing incident response on their cloud workloads and taking inputs into the final design of the integration. If you can fill out the form and share details of what your goals are in participating in the program , we'll be able to move forward accordingly. Thanks.

G Balaji
Kilo Guru
‎06-26-2019 09:34 AM

Hi Deepak - Glad to hear back. I shall do that. Thanks for the response.

0 Helpfuls
jing3
Mega Guru
‎06-26-2019 11:17 AM

Yes, Please sign me up. We are ServiceNow Partner focus on providing services around ServiceNow security products (GRC and SecOPS). We have customers that currently using ServiceNow SecOPS with infrastructure running on AWS services. This will be of great value to them. 

 

Christopher Jor
Tera Expert
‎02-24-2020 12:52 PM

We unfortunately missed the window to request to participate in the early adopter program.  Does this have an official release date?

Hareesh Namavar
ServiceNow Employee
ServiceNow Employee
‎03-05-2020 08:16 PM

@Christopher Jordan  Hi Christopher! Thanks for your interest in the AWS Security Hub Design Partner Program. We are monitoring customers interest in this integration. We don't have a firm release date yet. We will update you as soon as we have an official release date.

Conor10
Tera Contributor
‎09-05-2022 04:28 AM

Whats the situation with this these days?

I see an AWS connector for Securityhub to Incidents but not specifically to Secops SIR process flow. 

For us we want to be able to create SIR tickets and not INCs. Is this possible with this plugin?

 

Cheers

conor

0 Helpfuls
Version history
Last update:
‎06-24-2019 12:17 PM
Updated by:
Moderator