ServiceNow has announced new strategic integrations with Microsoft to make enterprises’ cybersecurity operations more efficient, extending the two companies existing partnership. The announcement was made at Knowledge 2021, ServiceNow’s flagship digital experience for its customers, partners, and developer community.
New integrations with the ServiceNow Security Operations Solution Suite include Microsoft Azure Sentinel, Microsoft Threat & Vulnerability Management, Microsoft Teams, and Microsoft SharePoint. These integrations will help security operations teams make smarter decisions across security planning, management, and incident response.
According to Gartner, "The threat and attack surface that Security Operations must address continues to grow as businesses expand their use of cloud services like SaaS and cloud infrastructure and platform services, as OT/industrial control system (ICS) environments become more connected, and as workers are more distributed.”
Hybrid working era
An acceleration in working remotely has meant businesses and individuals have had to adapt to the way of working, and this includes where data is being stored. Businesses in the UK each faced 686,961 attempts on average to breach their systems online in 2020, according to specialist internet service provider Beaming. This equates to an attempted attack every 46 seconds, with 2020 proving to be the busiest year on record for cyber attacks.
“Nearly 80% of the Fortune 500 rely on ServiceNow’s ‘platform of platforms,’” said Lou Fiorello, the vice president and general manager of security products at ServiceNow. “More and more, customers are seeing the value of running security operations processes on the platform, leveraging enterprise business context, and automating workflows across the enterprise in real-time.”
Other ServiceNow Security Operations integrations with Microsoft announced include:
- Microsoft Teams integration with Major Security Incident Management (a feature of ServiceNow Security Incident Response) that streamlines and improves collaboration on critical security incidents through automated setup of dedicated Teams channels and sharing of collaboration and chat activities to the major security incident case record to maintain transparency of communications.
- SharePoint integration with Major Security Incident Management (a feature of ServiceNow Security Incident Response) centralises the evidence gathered by teams during critical security incidents by automating the creation of SharePoint folder structures. The artefacts created by the different incident response groups are consolidated for visibility in the major security incident case record.
- Microsoft Threat & Vulnerability Management integration with ServiceNow Vulnerability Response takes in asset information, vulnerabilities, and recommendations by prioritising vulnerabilities using asset and business context and driving remediation workflows. Remediation owners are able to action the highest risk items using pre‑populated solution details to improve the security posture of an organisation.
General availability of Azure Sentinel and Microsoft Threat & Vulnerability Management integrations is expected to start June 2021. Limited availability of Microsoft Teams and SharePoint integrations is expected in June 2021, with general availability planned later in the year.