Escalating cyber risk and targeted attacks are mainstream discussions for boards, regulators, the C-suite, and customers. ServiceNow is proud to announce major updates to our Security Operations portfolio that will help security teams and their IT and risk partners reduce risk and reassure stakeholders by preparing, preventing, and responding more surgically and with higher impact.

Major Security Incident Management

When the clock starts on a significant event, the dedicated Major Security Incident Management (MSIM) workspace can be your virtual war room. With it’s reimagined user experience, this capability improves speed, communication, and evidence handling to help you meet the high scrutiny these incidents receive and get to resolution more efficiently.

• A task organizer assists your security team to manage incident response tasks within and beyond security operations to include responsible IT and non-IT roles. Since a major incident typically includes multiple related investigations, the workspace shows you the entire picture and lets you organize response across multiple “child” security incidents.
• New Summary Metrics capture and present progress to stakeholders, including rollup of affected assets, users, locations, and team resources, as well as a timeline of significant incident milestones.
• For effective enterprise-scale coordination and record keeping, collaborative workflows automate creation of collaboration folders and chat channels, plus archival at closure. Through a Microsoft Teams integration, a chat channel manager and activity streams manage communications across groups.
• A file explorer organizes and tracks artifacts for evidence management via Microsoft SharePoint
  
  

More MITRE ATT&CK

According to ESG Research, “81% of security professionals claim that the MITRE ATT&CK framework has become an increasingly important component of their organization’s security hygiene and posture management.” The latest release of Security Incident Response expands our MITRE ATT&CK support to provide more proactive analysis, response, and reporting on threats across your security infrastructure:

• Mitigation coverage mapping and associated heatmap views to help you see where you have gaps against most likely activities
• Threat actor to tactics, techniques, and procedures (TTPs) mapping to help pinpoint connections between what you are seeing and likely adversaries and intentions
• Threat actor heatmap view for visibility into the number of threat actors using a specific technique for an attack for even greater context and prioritization

Detection rule to TTP mapping and display of relevant Vulnerable Items in the context of MITRE ATT&CK provides one-to-many mapping of detection rules and techniques to improve your understanding of your attack surface and guide hardening

Expanded threat intelligence and orchestration portfolio

Rounding out our San Diego news, we are pleased to release new integrations with the MISP open-source threat intelligence platform and an integration with SentinelOne that syncs endpoint threat information and provides analysts with orchestration tools for more effective response to incidents such as a compromise.

Get started

These updates, while released with San Diego, also support previous releases. Visit the ServiceNow store or contact your administrator to get your new capabilities installed today and take the next step to transform your security operations.

.............................................................................................................................................................................

Join us for the The Now Platform San Diego event.

Mark your calendar for the Now Platform San Diego release broadcast  

Join us for the San Diego release broadcast —a global digital experience where we’ll be unveiling exciting, new innovations in the San Diego release across different markets.  

The broadcast digital event is April 6 and is part of the Knowledge Digital Experience. Your registration for this broadcast provides free access to all that the Digital Experience has to offer, including 200+ sessions beginning in May.

Make sure to watch the San Diego release introduction session with Dave Wright, chief innovation officer, as well as 21 sessions on demand, where we’ll highlight different ServiceNow^® products, innovations, demos, and the Now Platform. The times of the broadcasts are:

• AMS: April 6 at 9:00 am PT/12:00 pm ET,
• EMEA: 7 April at 8:00 am GMT/9:00 am CET
• APJ: 7 April at 9:00 am SGT /11:00 am AEST

................................................................................................................................................................................

© 2022 ServiceNow Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated. 

servicenow.com