0
1.0.0
Australia, Zurich, Yokohama
Standalone Application
- The Google Threat Intelligence for ServiceNow TISC integration evolves security operations beyond simple Indicator of Compromise (IoC) ingestion. By unifying adversary-centric intelligence—including detailed Threat Actor profiles, Campaign tracking, and MITRE ATT&CK® TTPs—into the native ServiceNow workflow, the app provides a multi-dimensional view of the threat landscape.
- Analysts no longer just manage observables; they gain the context to understand who is targeting them and how they operate. With the ability to perform automated enrichment, sandbox analysis, and high-fidelity threat lookups within a single interface, SOC teams can pivot from reactive searching to proactive hunting. This unified approach dramatically reduces manual research time and accelerates the transition from detection to strategic resolution.
- Scheduled fetching of IoC streams and automatic creation of observables in ServiceNow TISC
- Run threat lookups, enrichment, directly in ServiceNow TISC workspace
Brand new integration to ingest IoC from Google Threat Intelligence into ServiceNow TISC by creating records in TISC Observable table. IoCs are fetched on a schedule and created as observables in ServiceNow TISC, enabling enrichment, and threat lookups.
Required ServiceNow plugins:
- Threat Intelligence Security Center for Security Operations
- Column Level Encryption Enterprise plugin on Xanadu
- Field Encryption Enterprise plugin on Yokohama
- Field Encryption Enterprise plugin on Zurich