The solution is generally for operational use, and if there is any security incident, for example, somebody clicks a corrupt link, or there are phishing emails, we can raise a security incident and manage those incidents. 

I used this solution for incident management for issues that take longer to resolve.

About 1,000 people were using this solution in my organization, including management and procurement.

I wasn't using the latest version. 

We use it on a daily basis. We received tickets in ServiceNow. We can connect with the user using the ServiceNow application. 

We can drop an email, use the top bar, create filters, see how many tickets we have, monitor daily usage, track received tickets, and manage follow-ups. We can also manage dependent tickets and the "Accredited Fine."

We have Elasticsearch, Data Stream, and other vulnerability scanning tools where we get vulnerable data, and we've integrated them with ServiceNow Security Operations. We would export the data and attach that to the penetration test request by first pushing and transforming the data. Vulnerable items will be created and mapped on ServiceNow Security Operations, then loaded to the penetration test or vulnerable items table.

We develop all these applications. In particular, we modify the fields forms,  then, based on the requirement, there'll be changes to the configuration and workflow, and we'll also develop the catalog item required. If we want to push data, we'll make a request and integrate it to push the data to the different tables on ServiceNow Security Operations.

These are our use cases for ServiceNow Security Operations.

I am a security architect. I construct the solutions. ServiceNow Security Operations is on-premises, however, it's a hybrid model where you can have a public cloud also working in tandem with your on-site deployment.

The main use case is SecOps or security operations. ServiceNow Security is a two-way ticketing model that gets integrated with Splunk, for example. Splunk will provide two-way integration into the service management process. You have Splunk on one end and ServiceNow on the other end. The tickets will be integrated between the two and be either manually or automatically created. The tickets can be initiated from either platform and automatically or manually pushed as well.

It's deployed on the ServiceNow-hosted GCC.

We use ServiceNow Security Operations to enhance our cybersecurity efforts. By integrating with tools like Microsoft Defender and external threat intelligence, we assess and prioritize vulnerabilities in devices. This proactive approach helps us ensure the security of our internal systems and meet the specific needs of our clients, providing a robust defense against potential threats.

Our customers use ServiceNow Security Operations to handle their organization's legal structure. Additionally, they use it to define or share information about gifts received from third-party vendors.

It's for internal and external security. There are some things that ServiceNow does. It's to do a comparison study. I just turn the numbers over.

We create the SSO catalog packages and such through ServiceNow.

We get an invoice or a statement, and we work off of what the client needs to have. A lot of times, I also go back to the business users and try to derive better requirements as they're not very good at it.

We are contracted by a federal organization to lead an engagement to integrate their existing Vulnerability scanner with ServiceNow SecOps Vulnerability Response with their existing ServiceNow ITSM solution.

The use case is to manage scan results from Tenable and help this organization better manage how these vulnerabilities are grouped, prioritized, assigned, processed, monitored and remediated. 

Integration with the existing Request, Incident, Change and Configuration Management processes are key.  Once a vulnerability is remediated, it needs to be confirmed via rescan and closed.  This process informs the system so future remediations are resolved faster and more efficiently.   

We are a solution provider and ServiceNow is one of the products that we implement for our clients. Of the different ServiceNow modules, we are familiar with several, including Security Operations.

ServiceNow integrates with the helpdesk and our clients use it to manage their tickets. It is also used to keep track of security incidents and run periodic scans.  

Deployment to customers looking to vastly reduce security incident response time and have an auditable trail of the post-mortem analysis on security incidents.

Reduces time to closure and closure metrics for vulnerabilities.