ServiceNow (NYSE: NOW) is making the world of work, work better for people. Our cloud-based platform and solutions deliver digital workflows that create great experiences and unlock productivity for employees and the enterprise.
The Risk Quantifier (RQ) App for ServiceNow GRC natively integrates the data-driven, AI-powered cyber risk quantification capabilities of the ThreatConnect Risk Quantifier (RQ) Platform directly in ServiceNow GRC, enabling CISOs and their teams to define the impact of cyber risks in financial terms, enabling effective communications and decision-making with business stakeholders, executives, and directors.
ThreatConnect RQ is the only cyber risk quantification tool that combines high-fidelity data with AI-powered analytics to produce defensible financial impact estimates of cyber risks. ServiceNow GRC benefits from ThreatConnect RQ's approach to supporting various use cases, such as performing cyber risk assessments with quantitative results, measuring the financial risk exposure from the security control compliance state in ServiceNow GRC, and understanding the financial loss mitigation opportunities associated with control improvements.
ServiceNow customers will be able to seamlessly calculate their financial risk to cyber attacks and see which controls should be improved based on the greatest financial risk.
The ServiceNow Playbook App provides users with a set of actions to work with ServiceNow table records and attachments. These actions provide the key building blocks for automating processes between ThreatConnect and ServiceNow. The following actions are available:
List Table Records
Get Table Records
Create Table Records
Update Table Records
Add Attachment
This app can be found in the ThreatConnect App Catalog under the following name: ServiceNow
The ThreatConnect Activity Pack provides a set of activities that can be leveraged from ServiceNow Orchestration workflows to interact bidirectionally with ThreatConnect’s API and Playbooks. These activities provide a broad set of functionality that can be used for automating processes associated with security operations and incident response. Think of it as predetermined automation actions that will allow ServiceNow analysts like you to interact with ThreatConnect in a variety of ways:
Create ThreatConnect Incident – This activity creates an Incident in ThreatConnect
Create ThreatConnect Indicator – This activity creates an Indicator in ThreatConnect
Get ThreatConnect Incident – This activity retrieves an Incident from ThreatConnect
Get ThreatConnect Indicator – This activity retrieves an Indicator from ThreatConnect
Filter ThreatConnect Indicators – This activity retrieves multiple Indicators from ThreatConnect
ThreatConnect API Client – This activity provides general-purpose access to the ThreatConnect API
Run ThreatConnect Playbook – This activity triggers a ThreatConnect Playbook with an HttpLink Trigger
The ThreatConnect app for ServiceNow Security Operations provides Threat Lookup and Observable Enrichment capabilities against ThreatConnect intelligence and analytics collections. These features give analysts working inside ServiceNow the information they need to get relevant and actionable insights from intelligence sources within the ThreatConnect Platform. The app contains the following actions:
Enrich Observables
Provides detailed context from ThreatConnect in an enrichment table
Perform Threat Lookups
Produces Malicious or Unknown Rating automatically