With ExtraHop you can analyze terabytes of streaming packet data for deep insight into your network behavior. This data enables you to identify application problems, pinpoint network capacity issues, and observe malicious behavior—just to name a few possible use cases. But if this deep insight isn't tied to your service management workflow or if your process involves poorly coordinated cross-functional team cooperation through email, it might take hours or days to remediate. Wouldn't it be great if you could intelligently automate and precisely coordinate this process? Now you can with the new ExtraHop and ServiceNow integration.
ServiceNow is IT service management on steroids. Through its system management capabilities, you can quickly initiate incident resolution workflows and immediately notify the proper teams. It can automatically gather data from other systems and provide those teams with the information they need to accomplish their tasks. It can even help your teams prioritize those tasks. But more importantly, it eliminates inefficiencies and enables your teams to get more work done.
Combining our technologies enables you to automatically create an incident ticket in ServiceNow based on alert conditions detected by your Discover appliance. Download the ExtraHop for ServiceNow App from our Solution Bundles Gallery. Then, configure alerts such as HTTP, DNS, database, storage with a ServiceNow flag. That's it! When the ServiceNow ticket is created, your resolution workflow launches.
Use Case: Ransomware Remediation
Security needs dominate IT priorities. If you haven't seen ExtraHop's solution for ransomware, be sure to check out my colleague Tom Roeh's post.
The Ransomware Bundle can help protect your company's digital assets from ransomware attacks. The bundle includes alerts for four types of ransomware detection events. Install both bundles (ServiceNow and Ransomware), the ServiceNow app, and then add ServiceNow flags to these ransomware detection alerts.
If a ransomware alert is detected, a ticket is automatically created in ServiceNow, and can kickoff your network security workflow to quarantine the infected system and notify your security team. Time is critical in a ransomware attack. Having this real-time system in place can prevent you from becoming a victim.
Combine the ExtraHop for ServiceNow App with other solutions such as web, database, active directory, and others from our bundle gallery to rapidly solve your IT issues. The possibilities are endless!
This is a companion discussion topic for the original entry at https://www.extrahop.com/company/blog/2017/extrahop-and-servicenow/