ServiceNow adds new features to Major Security Incident Management Workspace

ServiceNow has added new features to its Major Security Incident Management (MSIM) Workspace platform, which it launched in December 2021. The features allow security teams greater customization of the incident response service and come as ServiceNow announced its latest Now Platform San Diego release.

MSIM Workspace a mechanism to track and resolve security incidents

ServiceNow launched MSIM Workspace last year to help security teams collaboratively respond to critical security incidents. The platform allows users to share and view files/folders on security issues, view and update incident tasks, and communicate through dedicated chat channels. It is designed to work alongside other ServiceNow security incident and vulnerability response product capabilities and offers features including:

• A visual task board to organize incident response tasks across linked security incidents, vulnerabilities, and teams
• Automated workflows to notify stakeholders, create collaboration folders and chat channels once a major security incident is created
• File explorer component to organize and track collection of artifacts (files or logs) related to the major security incident via Microsoft SharePoint integration
• A timeline of significant events for end-to-end visibility on incident progress, including rollup of affected assets, users, locations, and team resources, as well as a timeline of significant incident milestones

Speaking to CSO, ServiceNow principal solutions consultant James Neal says that these features provide organizations with the tools to create an organized, quick and effective approach to security threats, which are often extremely time sensitive. “Deliberation around protocol or uncertainty concerning the nature of an incident can be detrimental to an organization and its customers. Effective and timely responses are at a premium in today’s increasingly complex security environment.”

New MSIM Workspace version features customizable options

With its update, MSIM Workspace version 2.0.0 offers new customizable capabilities that can be applied to the platform. Users can now create their own report templates, add standard and custom fields to report templates that are dot-walkable (a ServiceNow feature that provides access to fields on related tables from a form, list, or script), and format and configure reports based on requirements using report sections, ServiceNow wrote on its website.

They can also add branding to reports and use widgets to define and include UIB elements such as data visualizations, lists to define and include related table information, and template scripts to include any data not directly dot-walkable. Furthermore, ServiceNow has provided two default report templates – Technical and Executive – which can be previewed during design time and previewed/shared with stakeholders during run time, the company added.

“Our new Status Reports feature allows for vital information to be compiled and collated quickly and easily, before being distributed to the relevant stakeholders. Action can then be far more targeted and effective,” Neal says.