ServiceNow Integrates Security Platform With Palo Alto Networks, Tanium To Speed Up Security Incident Responses
ServiceNow said it had integrated its IT management platform with products from two new security partners, Palo Alto Networks and Tanium, to speed the work of teams responding to security threats.
Palo Alto's threat detection and Tanium's endpoint security information will be delivered to security professionals through automated workflows on ServiceNow's Security Operations platform, said Piero DePaoli, ServiceNow's director of security product marketing.
By directly interfacing with solutions from partners, ServiceNow, based in Santa Clara, Calif., eliminates many manual processes, such as email and spreadsheets, that traditionally slow security teams down when they are investigating incidents, DePaoli said.
"Given the relationships that ServiceNow has on the IT side, this is a natural extension of some of the capabilities," DePaoli said, describing the platform as a "structured security response engine."
Security Operations, released last year, streamlines incident response operations by culling data directly from security vendors into IT workflows.
"This saves a security analyst a ton of time," DePaoli told CRN.
When an incident is detected, the ServiceNow platform automatically connects with Palo Alto Networks AutoFocus and WildFire solutions to enrich reporting with relevant threat detection information.
Tanium, which secures endpoints, provides responders with information about IP addresses that endpoints are connected to and the processes running on those endpoints.
ServiceNow can also support remediation efforts by making direct changes to Palo Alto Networks firewalls, as well as provide post-incident reviews.
The integrated product is available to all ServiceNow partners focused on security, DePaoli said.