Solutions

  • Products
  • Use Cases
  • Industries
  • WHITE PAPER
  • HR and IT better together
  • Boost productivity and attract quality talent with great employee experiences.
  • EBOOK
  • 5 steps to transformation
  • A proactive, connected client experience is essential for financial services.

Platform

  • ANALYST REPORT
  • The value of digital workflows
  • Get apps to market in half the time at a third of cost with higher satisfaction.

Customers

  • SUCCESS NAVIGATOR
  • Your prescription for success
  • Accelerate outcomes with a step-by-step action plan of proven best practices.

Explore

  • VALUE CALCULATOR
  • Live up to your potential
  • Determine the untapped value across your entire business in just 60 seconds.

Centralize your Security Response with ServiceNow Security Operations and Microsoft Azure Sentinel (in public beta)


Security teams working on security operations

 

Security teams today are inundated with alerts and information from a growing number of siloed point solutions. Furthermore, manual processes and cross-team handoffs hinder the security team’s ability to efficiently respond to attacks.

To help solve this challenge, ServiceNow® has developed an integration to connect with different Microsoft security technologies like Azure Sentinel, Microsoft Defender Advanced Threat Protection, Azure Advanced Threat Protection, and more via Microsoft Graph. This enables customers to bring rich insights from Azure Sentinel and other Microsoft products into ServiceNow Security Operations. Customers can manage and respond to security incidents centrally from within the Now Platform®.

 

Streamlining security incident creation

With this integration using the Microsoft Graph Security API, security alerts will be ingested into ServiceNow Security Operations to automatically create security incidents in ServiceNow Security Incident Response. 

Alert Ingestion profiles ensure comprehensive mapping of details in the alert to Security Incident artifacts and trigger playbooks in ServiceNow to orchestrate,  triage, investigate and response actions.

This automation of responses to alerts enables quality and consistency of security investigations and scales security incident teams.

Applying the power of the Now Platform® Configuration Management Database (CMDB) to map threats, security incidents, and vulnerabilities to business services and IT infrastructure, to ServiceNow Security Operations enables prioritization and risk scoring based on business impact, allowing security teams to focus on what is most critical to their business.

Using built-in workflows, ServiceNow routes incidents to the correct personnel or response tools to contain, mitigate or remediate threats. Post-incident reporting, customizable dashboards and metrics help teams gain insights into process workings and drives continuous improvement of the overall security profile.

The Microsoft Graph Security API is an intermediary service (or broker) that provides a single programmatic interface to connect multiple security providers (Native to Microsoft as well as ServiceNow Partners). Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Discover other Microsoft security products included with this single integration with the Microsoft Graph Security API.

 

Accelerating digital transformation for customers

Together, Microsoft and ServiceNow will accelerate digital transformation for enterprise and government customers. We announced a strategic partnership in July which will move ServiceNow workloads to Microsoft Azure for highly regulated industries. The strength of our relationship is felt by customers today with more than 20 integrations available between Microsoft and ServiceNow. Here is a sample of other recent integrations:

For more information on these and other integrations, visit ServiceNow’s Security Operations Community blog posts  and  ServiceNow store. For more information on the integration, click here to join the discussion on ServiceNow Security Operations and Microsoft Azure Sentinel.

 

© 2019 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc., in the United States and/or other countries. Other company and product names may be trademarks of the respective companies with which they are associated.

 

Use of ForwardLooking Statements

This blog contains “forward‑looking statements” regarding our future plans and performance. Forward‑looking statements are subject to known and unknown risks and uncertainties and are based on potentially inaccurate assumptions that could cause actual results to differ materially from those expected or implied by the forward‑looking statements. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, our results could differ materially from the results expressed or implied by the forward‑looking statements we make. Factors that may cause actual results to differ materially from those in any forward‑looking statements include: (i) the timing of the general availability release of the beta integration, (ii) our ability to integrate with the Microsoft security technologies described herein and (iii) changes made to the beta integration prior to the general availability release. We undertake no obligation, and do not intend, to update these forward‑looking statements.

Topics

Featured

  • Security teams working on security operations
    Now Platform
    Now Platform Enables Organizations to Scale DevOps to the Enterprise
    11-18-2019 Our new enterprise DevOps solution will let ServiceNow customers develop better software faster, without compromising quality or increasing risk.
  • Gartner Magic Quadrant Report
    Customer Experience
    Customer service from A to Z: A ServiceNow glossary for success
    11-08-2019 The A to Z of customer service. Use this glossary to establish a shared language for your organization’s customer service transformation. 
  • Customer Experience
    Proactive customer service – How to anticipate and solve issues
    11-06-2019 What does it take to establish proactive customer service? In the webinar: “Top 5 Practices: Proactive Customer Service for Digital Services” John Ragsdale, distinguished VP of technology research for the Technology Services Industry Association (TSIA), discusses what proactive customer service could mean and look like for a company.
  • Whyaye partners implementing ITSM
    Partners
    Implementing ITSM quickly – 3 women who made “Why, yes” their motto
    11-03-2019 Five years ago, Maureen Robson, Anna Bisset, and Lisa Jones were thrown together on an important project at a UK-based bank. Their goal: to implement ServiceNow ITSM platform as quickly as possible. The trio worked together so successfully (completing what would normally be a two-year-project in just 10 months) that they continued their journey together at a further two companies working with ServiceNow, and have now decided to start their own company. Today, through their startup, Why Aye, they’ve built new careers as full-time ServiceNow contractors. The name comes from a slang term used in Newcastle (where Robson is from) meaning Why Yes!—as in, why, yes we can.¬¬¬

Trends & Research

DevOps comes to the enterprise
How to harmonize dev and ops
How well do you know your Gen Zs?

Year