Earlier this year, SafeBreach held its first-ever Validate Summit at Levi’s Stadium in Santa Clara, California. This in-person event brought together top cybersecurity leaders and innovators to discuss the changing requirements to build and optimize a proactive security organization.

We were honored to host a session led by Lou Fiorello, ServiceNow’s vice president and general manager of security products. ServiceNow provides a leading cloud-based workflow platform that enables enterprises to improve operational efficiencies by automating routine tasks. In 2018, Forbes named ServiceNow the world’s most innovative company, and the organization is both a technology partner and investor in SafeBreach.

Lou is responsible for ServiceNow’s portfolio of security orchestration and response and risk-based vulnerability management products. In this edition of our Voices from Validate series, we revisit his presentation on why ServiceNow invested in and partnered with SafeBreach and how our shared vision will transform enterprise security for our joint clients. 

What’s Required for a Progressive Security Operation?

“We’re seeing a growing need for security departments to enable better collaboration and drive security outcomes across the enterprise.” – Lou Fiorello, ServiceNow

The ServiceNow platform is multifaceted and robust, but it’s all united through one common data model. ServiceNow doesn’t typically identify misconfigurations or vulnerabilities in a security environment. Instead, the system pulls that information in through other strategic integrations, maps it to the enterprise context, and helps prioritize and drive remediation workflows, giving security teams a single view of where they’re at and what they can do to drive improvements.

While the ServiceNow and SafeBreach partnership will continue to evolve, Lou outlined how critical the breach and attack simulation (BAS) capabilities of SafeBreach have become in ServiceNow’s mission to enable progressive security operations. He demonstrated this by laying out two principles to follow for transforming enterprise security: 

1. Develop a baseline and create an accurate, detailed system of record on where you are today. This can only be accomplished with full visibility into your security ecosystem. You must know your assets, your threats and your exposure to those threats. Bringing in simulation technology like SafeBreach is key to fleshing out that baseline by determining where you have gaps in detection and control coverage.
2. Move that baseline forward. Once you’ve established your vulnerabilities, it’s time to prioritize mitigation efforts and acquire the necessary context, tools, and resources to achieve your security goals. SafeBreach is vital here as well, not only in providing ongoing, continuous validation of your security controls, but also in helping determine the right remediation steps to take first to improve your security posture.

How Will ServiceNow & SafeBreach Transform Enterprise Security?

By adding real-world simulation context, SafeBreach helps ServiceNow improve upon its established security strategy of empowering enterprise-wide workflow visibility. The holistic view this integration provides will enhance security operations at all levels, from security and risk & compliance teams up to the C-suite.

SafeBreach’s simulation results, control insights, and other data will integrate with three key products of the ServiceNow platform:

• Security Incident Response – SafeBreach’s simulation context will enhance ServiceNow’s control visibility dashboards and improve a user’s ability to respond with remediation efforts. 
• Threat Intelligence – The integration will enable automated detection coverage through simulation results feeding into MITRE heat-map dashboards displaying security effectiveness. 
• Vulnerability Response – ServiceNow and SafeBreach share a common objective of providing a clear way to both prioritize vulnerabilities and take immediate action to remediate them.

Lou concluded his presentation with highlights of what ServiceNow and SafeBreach have already achieved together and where we plan to go next by laying out our joint-solution roadmap for 2022 and beyond: 

Phase 1 – Control Visibility (Completed)

• Provided security posture dashboards with simulation results and insights
• Enhanced incident response workflows with the ability to remediate inconsistent or failed simulations

Phase 2 – Security Effectiveness (Completed)

• Flesh out MITRE ATT&CK TTP coverage trends
• Enrich the MITRE ATT&CK heat map with SafeBreach security scores 

Phase 3 – Risk-Based Vulnerability Management (In Progress)

• Prioritize vulnerabilities with security control context
• Optimize patch management

Phase 4 – Advanced Security Posture Management (Future State)

• Enable cloud workload cyber hygiene optics
• Prioritize and remediate cloud security gaps

Thank you, Lou, for sharing the exciting work being done behind the scenes of the ServiceNow and SafeBreach partnership. To learn more about how real-world simulation context enables greater visibility into your security ecosystem and drives faster, smarter remediation efforts, contact SafeBreach today. 

Be sure to check out our previous Voices from Validate post featuring IBM Security Services, and stay tuned for more in the coming weeks as we continue to share industry-leading insights and perspectives from SafeBreach’s Validate summit.