Solved: Tutorial: How to prepare for implementation (Vuln... - ServiceNow Community

Tutorial: How to prepare for implementation (Vulnerability Response and Security Incident Response)

Go to solution
Eric Feron
Moderator
Moderator

‎02-15-2019 02:39 PM

FEB 26 UPDATE: video and slides now available below.

 

Hello all,

it is my great pleasure to announce that on February 26 at 10 am PT, we will publish here a video intended to help you get started with ServiceNow Security solutions.

We realize that many of you are new to ServiceNow and could do with a little help to move quickly towards lowering your risk profile.

In this video, ServiceNow specialists will present a step-by-step guide to get your team confident and ready for implementation. They will share some best practice tips and provide resources to make sure you are all set up before going live.

The team will also be on-call during at that time to answer your questions on the Forum.

In a following tutorial we will address the various steps of implementation (to stay tuned, please subscribe to the Forum).

See you there and then. No registration required, just turn up.

EF

 

FEATURED SPEAKERS

find_real_file.pngRob Randell
Director Solutions Consulting, Security & Risk, 
ServiceNow​		 find_real_file.pngLuke Kasper
Senior Security Consultant, 
ServiceNow​

Video and slides were made available on February 26, at 9:07 am PT.

 

Please give us your feedback and subscribe to the Forum.

Preview file
145 KB
Preview file
131 KB
  • 5,103 Views
1 ACCEPTED SOLUTION

Go to solution
Eric Feron
Moderator
Moderator

‎08-13-2019 10:45 AM

Hello all,

here is the path to success for new customers as it stands today:

find_real_file.png

Episode 1: Prepare your implementation

Critical steps to go fast: what you should do.​

View the 23-minute video tutorial, download the guide and ask questions.​

 

Episode 2: Implement

A 12 weeks cycle: how to stay on schedule.​

View the 17-minute video tutorial, download the guide and ask questions.

 

Episode 3: You are live, now what?

Tune for best results​

11-min video tutorial, slides and Q&A.

 

Episode 4: Finding the right partner for your journey

Don't go alone

16-min video tutorial, slides and Q&A.

 

Episode 5: Notifications

Get them right to be safe

16-min video tutorial, slides and Q&A

 

Episode 6: Vulnerability Response

Get started simply and quickly

15-min video tutorial, slides and Q&A

 

Episode 7: Incident enrichment

Leave no stone unturned

12-min video tutorial, slides and Q&A

 

Episode 8: Reports and Dashboards

Quickly the best out of them

13-min video tutorial, slides and Q&A

 

Episode 9: Training

What classes are right for your role

Document

 

 

View solution in original post

Preview file
195 KB
21 REPLIES 21

Go to solution
Eric Feron
Moderator
Moderator

‎02-21-2019 10:18 AM

Hello again,

I am happy to report that the slides have been finished, the tutorial has been recorded and we are on track to publish the video and PDF here on Feb 26.

Meanwhile, we are starting to work on the upcoming Community tutorials: Implementation phase for VR and SIR, pre-implementation for IRM, Madrid features etc...

Let us what you you would like to see.

Cheers,

EF

Go to solution
Eric Feron
Moderator
Moderator

‎02-25-2019 04:37 PM

The video tutorial will be available in a few hours.

Thank you for your patience.

0 Helpfuls

Go to solution
Eric Feron
Moderator
Moderator

‎02-26-2019 10:02 AM

Video and slides now available here. See above.

Good viewing. 🙂 

Go to solution
KAM
Mega Contributor

‎02-26-2019 10:57 AM

Thanks for the presentation.  A little salesy but a good overview of using ServiceNow for VR and IR.

I'd like to see something about how Now can be used on faster, autonomous response from scans and network visualization tools. It's similar to orchestrated remediation but first, we define an incident to include even pre-breach information.

If something is being actively attacked, or information is available that a patch is coming, we don't need to wait until a scan shows you a system is vulnerable (or breached. Combining automatic blocks from anomalous behavior analysis and similar AI as well as threat intelligence feeds (bad actor lists, CVEs feeds, etc).

I'd love to see how Service Now might integrate or replace those tasks.  For example, if we have an IDS that blocks an IP address, it would be good to open a ticket so if that block becomes a false positive, we can unblock it from a helpdesk ticket that automates the end to end.

Additionally, operation stability is important but sometimes a block until proven ok is the best approach.  I'd like to see more system owners ready to take a "block things until you are sure it's ready" approach.  Hacks are being automated so if we aren't responding in seconds, we may have already lost.  Any thoughts on how that approach can be championed with Service Now because even if it's faster, it's not fast enough with humans in the chain.

Finally, looking at the classes specifically the Vulnerability Response Implementation and Security Incident Response Implementation training, do you have a ballpark on the costs? There is nothing currently listed.

 

Regards,

KAM