Try our new research platform with insights from 80,000+ expert users
ServiceNow Security Operations Logo

ServiceNow Security Operations Reviews

Vendor: ServiceNow
4.0 out of 5
Badge Ranked 1
Leave a review

What is ServiceNow Security Operations?

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions. 

Get the ServiceNow Security Operations Buyer's Guide and find out what your peers are saying about ServiceNow Security Operations, Microsoft Sentinel, IBM Security QRadar and more!
ServiceNow Security Operations is the #1 ranked solution in top Security Incident Response solutions, #5 ranked solution in SOAR tools, and #10 ranked solution in top Risk-Based Vulnerability Management solutions. PeerSpot users give ServiceNow Security Operations an average rating of 8.0 out of 10. ServiceNow Security Operations is most commonly compared to Microsoft Sentinel: ServiceNow Security Operations vs Microsoft Sentinel. ServiceNow Security Operations is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 20% of all views.
Buyer's Guide
ServiceNow Security Operations
August 2025
Get the report
Helped 866,218 peers since 2012

Featured ServiceNow Security Operations reviews

Read more reviews

ServiceNow Security Operations mindshare

Product category:
Security Incident Response
As of August 2025, the mindshare of ServiceNow Security Operations in the Security Incident Response category stands at 14.6%, down from 14.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Security Incident Response Market Share Distribution
ProductMarket Share (%)
ServiceNow Security Operations14.6%
Proofpoint Threat Response17.1%
Splunk Attack Analyzer8.8%
Other59.5%
Security Incident Response

PeerResearch reports based on ServiceNow Security Operations reviews

TypeTitleDate
CategorySecurity Incident ResponseAug 30, 2025Download
ProductReviews, tips, and advice from real usersAug 30, 2025Download
ComparisonServiceNow Security Operations vs VMware Carbon Black EndpointAug 30, 2025Download
ComparisonServiceNow Security Operations vs Proofpoint Threat ResponseAug 30, 2025Download
ComparisonServiceNow Security Operations vs IBM ResilientAug 30, 2025Download
Suggested products
TitleRatingMindshareRecommending
Microsoft Sentinel4.1N/A93%98 interviewsAdd to research
IBM Security QRadar4.0N/A91%210 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

ServiceNow Security Operations offers seamless integration with security tools, cloud-based flexibility, and advanced vulnerability management. Organizations appreciate the automated workflows, customization options, and comprehensive governance risk and compliance capabilities. Users value the user-friendly interface, real-time data access, and ability to manage incidents efficiently. Integration with ITSM, IT Operations, and SAM enhances overall operations. The platform facilitates simplified processes for security incident management and provides an agile, scalable environment for varied cybersecurity efforts.
  • "ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action, providing a unified user experience where all work and fixes can be managed from one location."
  • "ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such."
  • "I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."

Room for Improvement

ServiceNow Security Operations users find customization complex and time-consuming. They desire better dashboard integration, simplified processes, and enhanced documentation. Existing integrations with third-party tools require expansion, and the user interface should be more intuitive. Reports and ticketing functions can be slow, and visibility across teams poses challenges. Users seek improved developer support, awareness of capabilities, and an automated, plug-and-play onboarding experience. Enhanced vulnerability management features and GenAI improvements are anticipated.
  • "Visibility and transitions between teams present significant challenges in the SecOps space, indicating that substantial training and hand-holding are required to improve usability, which is one observation I have had."
  • "Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time."
  • "Report generation within ServiceNow can take some time."

Pricing

ServiceNow Security Operations pricing is considered competitive in the industry, with costs varying by client and industry. While some users find it expensive compared to others like BMC Remedy, many believe it offers good value due to its bundled ITSM suite. Enterprises should account for additional costs beyond licensing, such as implementation, maintenance, and upgrades. Pricing is based on yearly subscriptions, considering factors like asset numbers and platform users.
  • "The product is more expensive than other solutions."
  • "Compared to competitor tools, ServiceNow Security Operations is more affordable"
  • "It is an expensive product."

Popular Use Cases

Organizations use ServiceNow Security Operations for integrating with existing IT systems to enhance incident response, manage vulnerabilities, and streamline security tasks. Integrations with tools like Splunk, Tenable, and Microsoft Defender facilitate the automation of processes, while the software improves efficiency in dealing with security incidents, conducting assessments, and ensuring compliance. It supports ticketing systems, manages legal structures, and adapts to both SaaS and on-premise architectures for flexible deployments.

Service and Support

ServiceNow Security Operations support receives mixed feedback. Several sources praise the support as prompt and effective, rating it highly. Others find the initial support level lacking in technical depth, particularly with integrations and specific queries requiring deeper investigation. Response times could be improved, and some report needing further exploration for technical questions. Teams note ServiceNow's ability to address issues with recommendations and improvements, leading to satisfaction.

Deployment

ServiceNow Security Operations' initial setup is generally straightforward, though complexity may arise depending on organizational needs and familiarity with related domains. Many agree it is manageable, with mature service management features and good documentation aiding the process. Setup duration varies, typically requiring a small team, with deployment times ranging from a few weeks to several months based on customization needs. Some face integration challenges and political hurdles in adapting existing processes.

Scalability

ServiceNow Security Operations is highly scalable, meeting enterprise needs. Scalability requires planning, but many organizations experience excellent adaptability, with integrations enhancing its capacity. The cloud-based platform supports extensive user bases, though some prefer integration with third-party tools. It's employed across various departments often on large scales by medium and large enterprises. Users appreciate the platform's ability to handle growth effectively and quickly. Scalability ratings often appear high, reflecting general satisfaction with its capabilities.

Stability

ServiceNow Security Operations is recognized for its stability, receiving positive feedback from users. While a few mention minor issues, these are resolved quickly with support. Users emphasize the absence of major bugs or crashes. The system is described as reliable, particularly when configured correctly. Users regularly highlight its consistent performance and resilience. Ratings frequently range from eight to nine out of ten, indicating user satisfaction with its stability.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our ServiceNow Security Operations Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business4
Midsize Enterprise2
Large Enterprise15
By reviewers
By visitors reading reviews
Company SizeCount
Small Business90
Midsize Enterprise64
Large Enterprise301
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
20%
Manufacturing Company
12%
Computer Software Company
9%
Government
5%
Healthcare Company
4%
Insurance Company
4%
Educational Organization
4%
Retailer
4%
Energy/Utilities Company
4%
University
4%
Comms Service Provider
3%
Performing Arts
3%
Real Estate/Law Firm
3%
Outsourcing Company
3%
Construction Company
2%
Hospitality Company
2%
Transportation Company
2%
Media Company
2%
Consumer Goods Company
2%
Wholesaler/Distributor
2%
Non Profit
1%
Pharma/Biotech Company
1%
Legal Firm
1%
Mining And Metals Company
1%
Logistics Company
1%
Marketing Services Firm
1%
Recreational Facilities/Services Company
1%

Compare ServiceNow Security Operations with alternative products

Go!

Learn more about ServiceNow Security Operations

ServiceNow Security Operations customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

Related questions

  • 122
What are the pros and cons of internal SOC vs SOC-as-a-Service?
  • 78
What are the Top 5 cybersecurity trends in 2022?
  • 203
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 120
What is the difference between cyber resilience and business continuity?
  • 221
What is an incident response playbook and how is it used in SOAR?
  • 268
What is the difference between mitigation and remediation in incident response?
  • 40
What does the Log4j/Log4Shell vulnerability mean for your company?
  • 46
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 55
What are the latest trends in Security Operations Center (SOC)?
  • 48
What are the best practices for Security Operations Center (SOC)?

Product Categories

Product Categories
Security Incident Response
Security Orchestration Automation and Response (SOAR)
Risk-Based Vulnerability Management

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs ServiceNow Security Operations Logo
Microsoft Sentinel vs ServiceNow Security Operations
IBM Security QRadar vs ServiceNow Security Operations Logo
IBM Security QRadar vs ServiceNow Security Operations
Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations Logo
Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations
Splunk SOAR vs ServiceNow Security Operations Logo
Splunk SOAR vs ServiceNow Security Operations
Microsoft Defender Vulnerability Management vs ServiceNow Security Operations Logo
Microsoft Defender Vulnerability Management vs ServiceNow Security Operations
Exabeam vs ServiceNow Security Operations Logo
Exabeam vs ServiceNow Security Operations
Tines vs ServiceNow Security Operations Logo
Tines vs ServiceNow Security Operations
ThreatConnect Threat Intelligence Platform (TIP) vs ServiceNow Security Operations Logo
ThreatConnect Threat Intelligence Platform (TIP) vs ServiceNow Security Operations
NetWitness NDR vs ServiceNow Security Operations Logo
NetWitness NDR vs ServiceNow Security Operations
Fortinet FortiSOAR vs ServiceNow Security Operations Logo
Fortinet FortiSOAR vs ServiceNow Security Operations
Wiz Code vs ServiceNow Security Operations Logo
Wiz Code vs ServiceNow Security Operations
Swimlane vs ServiceNow Security Operations Logo
Swimlane vs ServiceNow Security Operations
Google Security Operations vs ServiceNow Security Operations Logo
Google Security Operations vs ServiceNow Security Operations
IBM Resilient vs ServiceNow Security Operations Logo
IBM Resilient vs ServiceNow Security Operations
Trellix Helix Connect vs ServiceNow Security Operations Logo
Trellix Helix Connect vs ServiceNow Security Operations
See all alternatives
 
ServiceNow Security Operations Reviews Summary
Author infoRatingReview Summary
Associate Vice President at Wissen infotech4.0I deploy ServiceNow Security Operations in cloud environments, finding its vulnerability management beneficial. However, improvements are needed in handling false positives. Usability issues exist, especially in team transitions, requiring better training and support from ServiceNow.
DevOps Team Lead at Tata Consultancy4.0I use ServiceNow for internal ticketing between support teams, finding it convenient for communication and task management. However, report generation is slow, and occasionally, issues arise when raising tickets, affecting efficiency. Overall, it's an average platform.
ServiceNow Developer at Bangmetric services pvt ltd4.0I've used ServiceNow Security Operations for six months to manage incidents and vulnerabilities, valuing its integrations and unified interface, though it relies on third-party tools for assessments. Setup was easy, support is strong, and scalability is excellent.
Senior QE Lead at Cognizant4.0I find ServiceNow Security Operations valuable for managing incidents and change requests efficiently, categorizing them by priority and type. Its low-cost and open-source nature makes it a preferred tool across multiple projects, despite no noted areas for improvement.
Senior DeliveryManager at ITC Infotech4.0In my review, I noted that while ServiceNow Security Operations offers potential, many clients struggle to fully leverage its capabilities due to limited awareness or training, highlighting an area for improvement in enhancing customer understanding of the platform.
Integrator at Conduent (formerly Xerox Services)3.5I use ServiceNow Security Operations for threat intelligence and incident management. Its SOAR module is valuable and easy to manage. However, improved marketing, dashboard, and playbook creation are needed due to competition, especially from IBM SOAR.
End User Support at Genpact - Headstrong4.0We use ServiceNow Security Operations daily to manage and track tickets, connect with users, and monitor usage. The "follow" feature is valuable, but we seek a follow-up and reminder feature for prioritizing older tickets efficiently.
Solutions Architect at NEC Corporation4.0I primarily use ServiceNow Security Operations for automating security tasks, especially with tools like Nessus and BurpSuite. The no-code workflows are user-friendly, but customization challenges arise during upgrades due to unsupported tailored operations.