• Last Updated
    Jun 26, 2024
  • Version
    2.0.0
  • Compatibility
    ThreatQ >= v5.12.1
  • ServiceNow CDF

    ThreatQuotient

    Overview

    ServiceNow is an incident response & workflow platform that allows users to create, track, and manage incidents across their entire business.

    The ServiceNow CDF for ThreatQ enables the automatic ingestion of tickets & their context from ServiceNow, into ThreatQ.

    The integration provides the following feeds:

    • ServiceNow Security Incidents - ingests Security Incidents from ServiceNow’s Security Incident Response (SIR) module.
    • ServiceNow Security Cases - ingests Security Cases from ServiceNow’s Threat Intelligence (TI) module.
    • ServiceNow Security Incident Response Task - ingests incident response tasks from ServiceNow’s Security Incident Response module into ThreatQ.
    • ServiceNow Service Desk Incidents - ingests service desk incidents from ServiceNow into ThreatQ.
    • ServiceNow Observables - ingests observables from ServiceNow’s Threat Intelligence module into ThreatQ as indicators.

    The integration ingests the following system objects:

    • Adversaries
    • Attack Patterns
    • Incidents
    • Indicators
    • Malware
    • Tools

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy