ServiceNow, a leading provider of management tools for security and IT operations, has joined forces with Synack to help Security Operations Center (SOC) operators spot and correct gaps in vulnerability detection and protection.

Enterprises rely on ServiceNow to monitor, manage and respond to security incidents from across their hybrid infrastructure. By cohesively gathering, correlating and remediating incidents originating from their wide spectrum of security defenses, ServiceNow improves an enterprises’ SOC workflows, efficiency and effectiveness.

Although a SOC’s defenses, led by their ServiceNow implementation, can be best-in-class, they are, by nature, reactive to vulnerabilities and breach attempts as they occur. Offensive security testing allows an enterprise to proactively evaluate effectiveness and proper configuration of security defenses and spot and correct gaps in vulnerability detection and protection before actual attacks occur.

Traditional approaches to security testing include yearly compliance audits and pentests which, while necessary, are not dynamic enough to test defenses against new vulnerabilities that may surface at any time. At the same time, requiring SOC staff to proactively test security defenses on a continuous basis has historically been impractical and too costly.

To address this challenge, Synack’s Premier Security Testing Platform leverages the power of our automated smart scanning combined with human triage and pentesting by the Synack Red Team (SRT). The SRT is our expert, vetted community of 1,500+ security researchers available on demand to test against new exploits. Using Synack testing, SOCs receive confirmed reports of exploitable vulnerabilities along with recommendations for remediation.

Synack’s certified integration with ServiceNow Vulnerability Response Management allows enterprises to manage exploitable vulnerabilities discovered by Synack as part of their established workflows and processes in ServiceNow. Using the Synack integration, the entire lifecycle of offensive testing and security gap remediation is managed from within ServiceNow, streamlining SOC efficiency and responsiveness to emerging threats.

The addition of Synack to ServiceNow offers the following capabilities:

  • Enables 24x7x365 testing of network and application assets monitored by a SOC team.
  • Proactively tests security controls, with continuous adversarial testing against new vulnerabilities.
  • Combines smart and automated scanning with human intelligence for thorough analysis of exploitable vulnerabilities.
  • Scalable, on-demand testing via the SRT.
  • Automated testing, combined with human triage, greatly reduces SOC alert noise and false positives.
  • Identify sources of critical risk to prioritize assets for deeper penetration testing and targeted SOC remediation efforts.
  • Attacker resistance score to quantify risk on an organization and asset-by-asset basis.
  • Integrated management of testing, findings, and patch verification.
  • Detailed reports and recommendations concerning exploitable vulnerabilities, triaged by the SRT and Synack Operations.

How Synack complements and optimizes a ServiceNow-managed SOC:

  • Synack findings are integrated with the SOC’s ServiceNow tools and processes to ensure coordinated workflow.
  • Efficiently blends the benefits of full time in-house or dedicated SOC resources with the diverse perspectives of a team of vetted security testing talent to meet surges in demand.
  • Allows SOC operators and analysts to identify gaps in security detection and prevention capabilities, and through re-testing by SRT, prove that their SOC remediation efforts are successful.
  • Provides a manageable and repeatable security testing process to facilitate continuous posture improvement.

To learn more about the ServiceNow and Synack partnership, visit our ServiceNow partner page.

Posted by Charlie