ServiceNow

The Risk Quantifier (RQ) App for ServiceNow GRC natively integrates the data-driven, AI-powered cyber risk quantification capabilities of the ThreatConnect Risk Quantifier (RQ) Platform directly in ServiceNow GRC, enabling CISOs and their teams to define the impact of cyber risks in financial terms, enabling effective communications and decision-making with business stakeholders, executives, and directors.

ThreatConnect RQ is the only cyber risk quantification tool that combines high-fidelity data with AI-powered analytics to produce defensible financial impact estimates of cyber risks. ServiceNow GRC benefits from ThreatConnect RQ's approach to supporting various use cases, such as performing cyber risk assessments with quantitative results, measuring the financial risk exposure from the security control compliance state in ServiceNow GRC, and understanding the financial loss mitigation opportunities associated with control improvements.

Key Features

ServiceNow customers will be able to seamlessly calculate their financial risk to cyber attacks and see which controls should be improved based on the greatest financial risk.

Requirements

System Requirements

GRC: Profiles
GRC: Policy and Compliance Management
GRC: Risk Management
GRC: Advanced Risk

This app can be found in the ServiceNow store here

The ServiceNow Playbook App provides users with a set of actions to work with ServiceNow table records and attachments. These actions provide the key building blocks for automating processes between ThreatConnect and ServiceNow. The following actions are available:

• List Table Records
• Get Table Records
• Create Table Records
• Update Table Records
• Add Attachment

This app can be found in the ThreatConnect App Catalog under the following name: ServiceNow

The ThreatConnect Activity Pack provides a set of activities that can be leveraged from ServiceNow Orchestration workflows to interact bidirectionally with ThreatConnect’s API and Playbooks. These activities provide a broad set of functionality that can be used for automating processes associated with security operations and incident response. Think of it as predetermined automation actions that will allow ServiceNow analysts like you to interact with ThreatConnect in a variety of ways:

• Create ThreatConnect Incident – This activity creates an Incident in ThreatConnect
• Create ThreatConnect Indicator – This activity creates an Indicator in ThreatConnect
• Get ThreatConnect Incident – This activity retrieves  an Incident from ThreatConnect
• Get ThreatConnect Indicator – This activity retrieves an Indicator from ThreatConnect
• Filter ThreatConnect Indicators – This activity retrieves multiple Indicators from ThreatConnect
• ThreatConnect API Client –  This activity provides general-purpose access to the ThreatConnect API
• Run ThreatConnect Playbook – This activity triggers a ThreatConnect Playbook with an HttpLink Trigger

This app can be found in the ServiceNow store under the name: ThreatConnect Activity Pack for Orchestration

*This app now supports Quebec version

The ThreatConnect app for ServiceNow Security Operations provides Threat Lookup and Observable Enrichment capabilities against ThreatConnect intelligence and analytics collections. These features give analysts working inside ServiceNow the information they need to get relevant and actionable insights from intelligence sources within the ThreatConnect Platform. The app contains the following actions:

• Enrich Observables
• Provides detailed context from ThreatConnect in an enrichment table
• Perform Threat Lookups
• Produces Malicious or Unknown Rating automatically

This app can be found in the ServiceNow store under the name: ThreatConnect for Security Operations