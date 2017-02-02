ServiceNow, the enterprise cloud company, today announced integrations from leading cybersecurity companies into ServiceNow Security Operations solution.
With ServiceNow customers can prioritize threats and use a structured
response engine to resolve real security threats fast. Now security
analysts can easily enrich threat information, map those threats to the
underlying business service at risk, and easily collaborate with IT to
automatically resolve them. This replaces the manual, slow and
ineffective back-and-forth resolution process of the past.
While
enterprises have invested heavily in protection and detection tools,
security response is often left unaddressed. Determining whether an
alert constitutes an actual threat can take hours. Security analysts use email, phone calls and spreadsheets to
coordinate remediation with IT teams. These manual processes are
error-prone and unwieldy, leading to lengthy breach containment times of
70 days on average, according to the Ponemon Institute.
ServiceNow
Security Operations replaces the manual work patterns of the past with
intelligent workflows of the future and just added several new
automation integrations from leading security vendors. In as little as
20 seconds, Security Operations automatically enriches each security
incident with threat intelligence, including information from
potentially affected endpoints. This allows security analysts to spend
less time on researching problems and to get to resolution faster. In
addition, ServiceNow Security Operations eliminates the need for manual
data collection by automatically generating a post-incident report for
later analysis, reporting or audit.
"As
an industry, we can't hire our way out of this problem," said Sean
Convery, general manager of Security, ServiceNow. "ServiceNow Security
Operations makes the most of a company's security talent. It automates
busy work so analysts can concentrate on stopping cyberattacks rather
than filling out forms."
New Integrations with Leaders in Security
With the latest ServiceNow product release, Security Operations customers gain several built-in integrations, including:
- Palo Alto Networks:
ServiceNow Security Operations can use threat intelligence data
provided by the Palo Alto Networks Next-Generation Security platform via
its AutoFocus contextual threat intelligence and WildFire cloud-based
threat analysis offerings to automatically enrich the context around a
security incident. This provides valuable information for the security
analyst in an automated manner and expedites response. If remediation
requires a change to the Palo Alto Networks Next-Generation Firewall,
the change can be orchestrated directly from within Security Operations,
including routing permission to the firewall administrator to ensure
he/she is aware of the change.
- Tanium:
Further integration with Tanium Core Platform allows ServiceNow to
enrich cases with running, live process data directly from an affected
endpoint. This improves visibility into remote endpoints to quickly
determine the severity and impact of an event.
- Several other SIEM and security incident source integrations are available in the latest release. See this site for a current list.
"By
integrating with the Palo Alto Networks Next-Generation Security
Platform, ServiceNow is able to leverage the wealth of our offerings for
the benefit of our joint customers," said Chad Kinzelberg, senior vice
president of Business and Corporate Development, Palo Alto Networks.
"The ability to automate what are typically manual processes accelerates
response times and eliminates tedious efforts that so often hinder
effective prevention of cyber breaches."
"You
can't be successful in security without knowing what's happening in
every corner of your environment," said Orion Hindawi, co-founder and
chief executive officer, Tanium. "The integration of Tanium's Core
Platform into ServiceNow's Security Operations will ensure customers get
a full and complete picture of all their endpoints and be able to move
quickly when an incident happens. We're thrilled to work with ServiceNow
and our partners to help customers thrive in today's threat landscape."