3 min read

ServiceNow tackling security workflows in new offering

Security & Privacy

Quick question: Who is the fastest growing multi-billion-dollar enterprise IT company in the world?

Answer: Amazon Web Services. O.K. You more than likely already know about AWS. Now, second question; Who is the second fastest growing multi-billion-dollar enterprise IT company in the world?

The answer to that question is Silicon Valley-based ServiceNow. AWS CEO Andy Jassy surprised many at the recently concluded Re: Invent show in Las Vegas when he mentioned ServiceNow in the same breath as his own company during his top enterprise IT presentation.

The Santa Clara, Calif.-based ServiceNow is an enterprise cloud vendor with a motto to change the way people work today. One of its latest initiatives is to integrate top cybersecurity vendors into ServiceNow Security Operations solution. The strategy behind this move is to provide channel partners and end users with the ability to automate common manual processes in hopes of speeding up response times. ServiceNow is working to get rid of the tedious effort IT professionals make to prevent more data breaches.

The ServiceNow Security Operations prioritize threats and uses a structured response engine to resolve real security threats. How it changes the workflow is now security analysts can enrich threat information, map those threats to the underlying business service at risk, and collaborate with IT to automatically resolve them.

ServiceNow Security Operations is just one service model the company offers. All the other offers are aligning to remove the need to use phone calls, emails and spreadsheets in the management process of an IT enterprise. ServiceNow offerings target more than just the IT department. They include human resources, facilities management, and field service.

Research firm Ponemon Institute reported that enterprises have invested heavily in protection and detection tools; security response is often left unaddressed. Determining whether an alert constitutes an actual threat can take hours. Security analysts use email, phone calls and spreadsheets to coordinate remediation with IT teams. These manual processes are error-prone and unwieldy, leading to lengthy breach containment times of 70 days on average.

The ServiceNow Security Operations solution interface

The ServiceNow Security Operations solutions also automatically provides each security incident with threat intelligence, including information from potentially affected endpoints. This allows security analysts to spend less time on researching problems and to get to resolution faster, the company said.

In addition, ServiceNow Security Operations eliminates the need for manual data collection by automatically generating a post-incident report for later analysis, reporting or audit.

Sean Convery, security GM for ServiceNow, said as an industry, we can’t hire our way out of this problem. ServiceNow Security Operations makes the most of a company’s security talent. It automates busy work so analysts can concentrate on stopping cyberattacks rather than filling out forms.

ServiceNow is looking to increase its channel coverage. The company has stated they want the right partners to join its network of solution providers. The company believes it can reach the $4 billion milestone mark by 2020 and have said channel partners would be critical to its success for the future. ServiceNow has four channel programs: Sales Partner Program, Services Partner Program, Technology Partner Program, and Authorized Training Program.

The company has some channel partners in Canada. CDN found listed partners such as CompuCom, Softchoice, Zones, Long View Systems, The Createch Group, SHI, and Software One who do business in Canada.

The Sales Partner Program handles referrals, resales and managed service provider engagements and features an opportunity registration area, demo zone and marketing tools.

For Security Operations, ServiceNow has partnered with Palo Alto Networks for threat intelligence data from its next-generation security platform AutoFocus as well as contextual threat intelligence from its cloud-based tool WildFire.

ServiceNow has also partnered with Tanium to run live process data directly from an affected endpoint.

Orion Hindawi, the co-founder and CEO of Tanium, said “you can’t be successful in security without knowing what’s happening in every corner of your environment.”  The integration of Tanium’s Core Platform into ServiceNow’s Security Operations will ensure customers get a full and complete picture of all their endpoints.