We use ServiceNow for incident management and change management purposes. It is used for managing day-to-day operations, incident management, and planning major organizational changes.
My primary use cases with this solution are focused on automation, particularly integrating security operations with pen-testing tools like Nessus, BurpSuite, and Kali Linux.
If we encounter challenges while deploying, we raise incidents. These incidents are categorized by priority: high, medium, and low. We assign an incident number and notify the relevant teams to address the issue. For instance, if we experience a problem with Cloud services or any other issue, we will raise an incident and suggest a course of action. Similarly, they are categorized into expedited, emergency, normal, and planned changes when raising change requests.
We use ServiceNow Security Operations to enhance our cybersecurity efforts. By integrating with tools like Microsoft Defender and external threat intelligence, we assess and prioritize vulnerabilities in devices. This proactive approach helps us ensure the security of our internal systems and meet the specific needs of our clients, providing a robust defense against potential threats.
We use it on a daily basis. We received tickets in ServiceNow. We can connect with the user using the ServiceNow application. We can drop an email, use the top bar, create filters, see how many tickets we have, monitor daily usage, track received tickets, and manage follow-ups. We can also manage dependent tickets and the "Accredited Fine."
Learn what your peers think about ServiceNow Security Operations. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
Our customers use ServiceNow Security Operations to handle their organization's legal structure. Additionally, they use it to define or share information about gifts received from third-party vendors.
I used this solution for incident management for issues that take longer to resolve. About 1,000 people were using this solution in my organization, including management and procurement. I wasn't using the latest version.
ServiceNow CMDB, Discovery and Service Mapping Specialist at ANZ
MSP
2022-10-13T13:04:00Z
Oct 13, 2022
We have Elasticsearch, Data Stream, and other vulnerability scanning tools where we get vulnerable data, and we've integrated them with ServiceNow Security Operations. We would export the data and attach that to the penetration test request by first pushing and transforming the data. Vulnerable items will be created and mapped on ServiceNow Security Operations, then loaded to the penetration test or vulnerable items table. We develop all these applications. In particular, we modify the fields forms, then, based on the requirement, there'll be changes to the configuration and workflow, and we'll also develop the catalog item required. If we want to push data, we'll make a request and integrate it to push the data to the different tables on ServiceNow Security Operations. These are our use cases for ServiceNow Security Operations.
Information Architect at a analyst firm with 201-500 employees
Real User
2022-07-27T21:07:00Z
Jul 27, 2022
It's for internal and external security. There are some things that ServiceNow does. It's to do a comparison study. I just turn the numbers over. We create the SSO catalog packages and such through ServiceNow. We get an invoice or a statement, and we work off of what the client needs to have. A lot of times, I also go back to the business users and try to derive better requirements as they're not very good at it.
I am a security architect. I construct the solutions. ServiceNow Security Operations is on-premises, however, it's a hybrid model where you can have a public cloud also working in tandem with your on-site deployment. The main use case is SecOps or security operations. ServiceNow Security is a two-way ticketing model that gets integrated with Splunk, for example. Splunk will provide two-way integration into the service management process. You have Splunk on one end and ServiceNow on the other end. The tickets will be integrated between the two and be either manually or automatically created. The tickets can be initiated from either platform and automatically or manually pushed as well.
Director Delivery and ServiceNow Practice Lead at a computer software company with 51-200 employees
Real User
2020-07-26T08:18:00Z
Jul 26, 2020
We are contracted by a federal organization to lead an engagement to integrate their existing Vulnerability scanner with ServiceNow SecOps Vulnerability Response with their existing ServiceNow ITSM solution. The use case is to manage scan results from Tenable and help this organization better manage how these vulnerabilities are grouped, prioritized, assigned, processed, monitored and remediated. Integration with the existing Request, Incident, Change and Configuration Management processes are key. Once a vulnerability is remediated, it needs to be confirmed via rescan and closed. This process informs the system so future remediations are resolved faster and more efficiently.
Sr Manager - Delivery Head (ANZ & South Africa) at Cigniti Technologies
Real User
Top 20
2020-07-22T08:17:27Z
Jul 22, 2020
We are a solution provider and ServiceNow is one of the products that we implement for our clients. Of the different ServiceNow modules, we are familiar with several, including Security Operations. ServiceNow integrates with the helpdesk and our clients use it to manage their tickets. It is also used to keep track of security incidents and run periodic scans.
ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration...
We use ServiceNow for incident management and change management purposes. It is used for managing day-to-day operations, incident management, and planning major organizational changes.
My primary use cases with this solution are focused on automation, particularly integrating security operations with pen-testing tools like Nessus, BurpSuite, and Kali Linux.
If we encounter challenges while deploying, we raise incidents. These incidents are categorized by priority: high, medium, and low. We assign an incident number and notify the relevant teams to address the issue. For instance, if we experience a problem with Cloud services or any other issue, we will raise an incident and suggest a course of action. Similarly, they are categorized into expedited, emergency, normal, and planned changes when raising change requests.
ServiceNow Security Operations is used for threat intelligence and managing issues, offences or incidents.
We use ServiceNow Security Operations to enhance our cybersecurity efforts. By integrating with tools like Microsoft Defender and external threat intelligence, we assess and prioritize vulnerabilities in devices. This proactive approach helps us ensure the security of our internal systems and meet the specific needs of our clients, providing a robust defense against potential threats.
We use it on a daily basis. We received tickets in ServiceNow. We can connect with the user using the ServiceNow application. We can drop an email, use the top bar, create filters, see how many tickets we have, monitor daily usage, track received tickets, and manage follow-ups. We can also manage dependent tickets and the "Accredited Fine."
Our customers use ServiceNow Security Operations to handle their organization's legal structure. Additionally, they use it to define or share information about gifts received from third-party vendors.
I used this solution for incident management for issues that take longer to resolve. About 1,000 people were using this solution in my organization, including management and procurement. I wasn't using the latest version.
We have Elasticsearch, Data Stream, and other vulnerability scanning tools where we get vulnerable data, and we've integrated them with ServiceNow Security Operations. We would export the data and attach that to the penetration test request by first pushing and transforming the data. Vulnerable items will be created and mapped on ServiceNow Security Operations, then loaded to the penetration test or vulnerable items table. We develop all these applications. In particular, we modify the fields forms, then, based on the requirement, there'll be changes to the configuration and workflow, and we'll also develop the catalog item required. If we want to push data, we'll make a request and integrate it to push the data to the different tables on ServiceNow Security Operations. These are our use cases for ServiceNow Security Operations.
It's for internal and external security. There are some things that ServiceNow does. It's to do a comparison study. I just turn the numbers over. We create the SSO catalog packages and such through ServiceNow. We get an invoice or a statement, and we work off of what the client needs to have. A lot of times, I also go back to the business users and try to derive better requirements as they're not very good at it.
I am a security architect. I construct the solutions. ServiceNow Security Operations is on-premises, however, it's a hybrid model where you can have a public cloud also working in tandem with your on-site deployment. The main use case is SecOps or security operations. ServiceNow Security is a two-way ticketing model that gets integrated with Splunk, for example. Splunk will provide two-way integration into the service management process. You have Splunk on one end and ServiceNow on the other end. The tickets will be integrated between the two and be either manually or automatically created. The tickets can be initiated from either platform and automatically or manually pushed as well.
It's deployed on the ServiceNow-hosted GCC.
We are contracted by a federal organization to lead an engagement to integrate their existing Vulnerability scanner with ServiceNow SecOps Vulnerability Response with their existing ServiceNow ITSM solution. The use case is to manage scan results from Tenable and help this organization better manage how these vulnerabilities are grouped, prioritized, assigned, processed, monitored and remediated. Integration with the existing Request, Incident, Change and Configuration Management processes are key. Once a vulnerability is remediated, it needs to be confirmed via rescan and closed. This process informs the system so future remediations are resolved faster and more efficiently.
We are a solution provider and ServiceNow is one of the products that we implement for our clients. Of the different ServiceNow modules, we are familiar with several, including Security Operations. ServiceNow integrates with the helpdesk and our clients use it to manage their tickets. It is also used to keep track of security incidents and run periodic scans.