Get Notified on What Matters Most with CrowdStrike and ServiceNow
Customers can build automated workflows using CrowdStrike Falcon® Fusion to trigger incident ticket creation in ServiceNow ITSM. Security and DevSecOps teams can leverage detections and incidents from the CrowdStrike Falcon platform to help streamline incident management and accelerate response capabilities. You can also orchestrate remediation of vulnerabilities by creating ServiceNow tickets directly from Spotlight, and easily configure the workflow to attach auto-generated reports, enabling you to track the remediation progress of your security team to improve efficiency and monitoring.
This ServiceNow IT Service Management (ITSM) plugin leverages Falcon Fusion, a CrowdStrike Offering Feature, to allow you to receive Falcon-generated alerts via ServiceNow ITSM.
Configure incident tickets
Configure incident tickets based on triggering events so that your team is alerted to what matters most to your organizations and your workflows
Gain additional context
Gain additional context from customized notifications to enable faster investigation, triage, and remediation
Create consistent workflows
Create consistent and repeatable automated workflows to accelerate response, improving SOC efficiency
Configure consistent attributes
Configure consistent attributes such as the Assigned User, Assigned Group, Category, a Short Description and Attributes from the event to be included in the ticket given the outlined trigger or condition
Easily configure workflows
Easily configure Falcon Spotlight workflows to attach auto-generated reports to ServiceNow incident tickets created in Spotlight. Even if you do not have Spotlight access, you can view relevant vulnerability details directly from the ServiceNow ticket.