Major Security Incident Management provides a unique user workspace and workflow methodology to coordinate various activities across different user groups and resolve major security incidents more efficiently.
Major Security Incident Management (MSIM) improves the major security incident remediation process with the following features:
• Dedicated workspace for managing major security incidents.
• Organize response tasks across multiple 'child' security incidents.
• Automate creation of collaboration folders and chat communication channels once a major security incident is created, as well as archival as part of incident closure.
• File explorer component to organize and track collection of artifacts (files) related to the major security incident via a Microsoft SharePoint integration.
• Chat channel manager and activity stream components to manage communications across multiple security, IT, and functional groups via a Microsoft Teams integration.
New
- Unified CISO dashboard got added with the below widget
- Major Security Incidents
Following applications are required to be installed:
- File Explorer for Security Incident Response
- Microsoft SharePoint File Explorer Connector for Security Incident Response integration
- File Explorer Component for Security Operations
- Chat integration with Security Incident Management
- Microsoft Teams Chat Connector for Security Incident Management
- Collaboration UI Component for Major Security Incident Management Workspace
- Security Incident Response
- Microsoft Teams Graph Spoke
- Microsoft Sharepoint spoke
Below are the four Integration Hub applications should be installed on the instance:
- ServiceNow IntegrationHub Runtime (com.glide.hub.integration.runtime)
- ServiceNow IntegrationHub Action Step - REST (com.glide.hub.action_step.rest)
- ServiceNow IntegrationHub Action Template - Data Stream (com.glide.hub.action_type.datastream)
- ServiceNow Flow Designer - Dynamic Inputs (com.glide.hub.dynamic_inputs)