Import Armis Alerts as ServiceNow Security Incidents.
The Armis platform’s cloud-based threat detection engine uses machine learning and artificial intelligence to detect when a device is operating outside of its normal known-good baseline. Deviations could indicate device misconfigurations, policy violations, abnormal behavior such as inappropriate connection requests or unusual software running on a device, or threats that indicate a device has been compromised.
Tickets opened by the Armis platform include comprehensive device and incident details such as the device type, classification, threats, vulnerabilities, and more.
- Open tickets automatically for unmanaged, IoT, OT, medical device incidents
- Import Security Incidents in near real-time
- Triage, prioritize, and close Armis Alerts from ServiceNow
- Stop threats efficiently with policy-based enforcements
- Identify and mitigate risks of all devices automatically as they connect to your network, including unmanaged, IoT, OT/ICS, and medical devices
- Receive additional and contextual information about devices and events from the Armis platform
- Leverage policy-based actions in the Armis platform to remediate threats and update incidents for greater accuracy and efficiency.
- Import Armis Alerts as ServiceNow Security Incidents.
- Guided Setup and Embedded Help articles provide intuitive user experience.
- Integration Dashboards help contextualize and prioritize Armis Alerts.
Version 1.2.0
This release is Certified for Yokohama.
Adds support for "Critical" alerts from armis.
Version 1.1.10
This release is Certified for Washington and Xanadu. The Armis Security Incident Dashboard has been migrated to the new Platform Analytics Experience.
Version 1.1.10
This minor release is Certified for Vancouver, Utah and Tokyo. It updates the integration's dependency to require the 1.2.0 version or greater of the Armis Incident Integration. This uses Authorization flow to use a Flow Designer Action and submit the token via multipart/form-data for improved security.
- Armis Incident Integration v1.2.0 or higher
- ServiceNow Security Incident
- ServiceNow IntegrationHub Action Template - Data Stream
- Configuration Management (CMDB)
- System Import Sets