sb-eu logo
Story image

BitSight and ServiceNow announce integrations improving cyber risk management

26 Sep 2019

Security ratings company BitSight and ServiceNow have announced the launch of two new certified ServiceNow applications – BitSight for Vendor Risk Management and BitSight for Security Incident Response – now available in the ServiceNow app store.

These applications bring a new level of automation, prioritisation, and insight, providing customers to digital workflows.

These integrations build on an existing partnership between the two companies, including joint go to market activities and BitSight membership in the ServiceNow IRM Ecosystem announced earlier this year.

Together, BitSight and ServiceNow provide organisations with prioritised visibility and automated workflows to manage cyber risk, and a system that gives customers the ability to take action, report and monitor the cyber health of their own organisation and their broader business ecosystem.

Third-party risk is a top concern for companies worried about data privacy and service availability and facing an ever-expanding list of vendors.

With the BitSight for Vendor Risk Management application, customers have better visibility on a continuous basis to help prioritise their resources, enable data-driven conversations with vendors, and bring scale to their assessment and remediation processes.

Risk leaders now have access to BitSight Security Ratings, risk vector grades, 12 months of ratings history and alerts for their third-parties within ServiceNow, including the ability to share data directly with third parties.

Additionally, customers can create Vendor Risk Issues using BitSight alerting capabilities, which in turn integrate with ServiceNow’s workflows to initiate the remediation process with vendors.

With ServiceNow’s Vendor Risk Management portal and mobile capabilities, employees and vendors gain a streamlined experience.

Security teams continue to be plagued with more work than available staff, driving intense interest in prioritisation based on business impact.

With the BitSight for Security Incident Response application, joint security leaders can leverage compromised system event information from BitSight to pinpoint and control attacks within their own corporate infrastructure.

With BitSight for Security Incident Response, customers gain access to event forensics data that reveals source ports, destination ports, time stamps, and more to unite security and IT teams for faster and more effective threat response and remediation.

ServiceNow’s correlation of risk, threat, and business intelligence as part of closed-loop workflows enables better, faster and more efficient task hand-off and coordinated security responses, while BitSight dashboards and reporting features provide visibility into the organisation’s security performance and progress.

“Every organisation is challenged to measure and manage cyber risk in their own environment and extended business ecosystem and quickly address related cyber threats and incidents when they arise,”  says BitSight strategic partnerships vice president Matt Cherian.

“Many businesses lack a centralised, holistic view into cyber risk, requiring companies to spend scarce resources on unnecessary manual work,” says ServiceNow security business unit business development senior director Odin Olson.

Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More
Story image
HackerOne launches penetration testing to empower digital transformation
“In today’s agile environments, pentest platforms should seamlessly integrate with every aspect of the software development lifecycle so that findings are quickly pushed to the right developer and vulnerabilities are fixed faster."More
Story image
Common misconceptions about smart homes and biometrics
The real cause of most attacks is not biometrics itself, but the storage of biometrics data in a centralised database.More
Story image
MEF grants 3.0 SD-WAN certification to Fortinet
MEF has recently certified Fortinet’s Secure SD-WAN offering as being able to support MEF 3.0 SD-WAN services.More
Story image
NCC Group chosen to help improve IoT security standards for all sectors
“At NCC Group, security is in our DNA and that's why we're excited to work with the ioXt Alliance in raising security standards within the IoT ecosystem."More
Story image
Oracle combines cloud automation with comms security in new solution
The Oracle Communications Security Shield (OCSS) Cloud is built on the company’s cloud infrastructure, and uses AI and real-time enforcement to combat the heightened risk of infrastructure attacks presented to contact centres and enterprises.More