September 7, 2021 Drew Horn

Sumo Logic brings full coverage to modern IT and SecOps workflows with ServiceNow

Modern, digital-first businesses rely on agile, optimized IT and security operations teams to monitor and secure the complex applications, infrastructure and workflows that ultimately drive increased productivity and improved user experiences. Implementing a high-performance, end-to-end process to achieve these outcomes can be challenging, as it often requires combining multiple data silos and technologies for different teams with contrasting roles and responsibilities. Sumo Logic’s industry-leading machine data analytics platform and Cloud SIEM, combined with a new suite of native integrations for ServiceNow, solve this challenge by bringing full coverage to these IT and security workflows: they automatically identify critical events and potential threats with enriched context from assets, leading to improved service outcomes, application reliability, risk management and ROI.

Sumo Logic’s suite of integrations for ServiceNow covers three key focus areas:

  • Native event and incident webhook integrations that enable powerful threat detection and event management for your ITOM, ITSM and incident response workflows.

  • Support for ServiceNow’s Security Incident Response (SIR) platform, bringing real-time synchronization and transformation of Sumo Logic Cloud SIEM Insights into enriched, contextual Security Incidents.

  • Participation in ServiceNow’s ServiceGraph with a new connector that collects auto-discovered, ephemeral AWS and VMware asset data from Sumo Logic’s observability solution and populates the ServiceNow Configuration Management Database (CMDB) to give teams visibility beyond traditional IT assets.

Let’s take a closer look at these three integrations to see how they help drive improved outcomes.

Native Event and Incident Management

Sumo Logic’s native webhook integrations for ServiceNow ITOM, ITSM and Security Incident Response enable IT and Security Ops teams to efficiently manage events and security incidents at scale with powerful automation and deep context. These cloud-native webhook integrations now also support auto-resolution when a triggered condition resolves itself, making it easier than ever to leverage Sumo Logic’s Continuous Intelligence Platform to proactively investigate anomalous activities, reduce user impact and increase productivity through the delivery of reliable, secure apps and IT services. Just configure a monitor for a given condition (or outlier), and route the alert directly to ServiceNow.

ServiceNow Trigger Conditions

In addition to automatic alerting and resolution, users can also push events or incidents on-demand as part of their investigative workflow directly in log search.

ServiceNow Log Search

To learn more about our new and updated ServiceNow webhook integrations, check out the integration listing and technical documentation.

Security Incident Response

The new integration with ServiceNow's Security Incident Response (SIR) platform gives Sumo Logic Cloud SIEM security analysts the ability to seamlessly ingest and transform Cloud SIEM Insights into ServiceNow’s platform as first-class Security Incidents. Incidents that have been created through periodic polling of Sumo Logic’s Cloud SIEM are also automatically enriched with indicators of compromise and associated MITRE ATT&CK techniques identified by Sumo Logic, providing valuable context to security operations teams, improving mean-time-to-response and enabling more rapid and robust investigation of security threats.

Risk scores, configuration items, Cloud SIEM Insight descriptors, and other observables are all automatically normalized via the integration to keep data organized and workflows consistent.

ServiceNow Security Incident Response

We are excited to provide this free integration today for joint customers on the ServiceNow Store. To learn more about how this new integration works, watch our demo video below or review the SIR integration documentation.

Digital Products and Services Lifecycle

Modern application development, deployment and operational workflows have resulted in the need to expand the traditional CMDB system of record beyond traditional IT ops for proper visibility and context. Sumo Logic’s new connector for the ServiceNow ServiceGraph automatically shares data ingested through auto-discovery of ephemeral AWS and VMware assets to update the CMDB in real time. Assets discovered by Sumo Logic are also shared with Security Incident Response to enrich security incidents, driving more efficient triage and risk management.

ServiceNow Observables Data

To learn more about this free integration, please visit the ServiceNow Store.

Get Started Now!

The Sumo Logic integrations for ServiceNow provide full coverage across IT and security operations workflows.

To get started, check out the webhooks integration or review the SIR and ServiceGraph integrations in the ServiceNow Store. If you don’t yet have a Sumo Logic account, you can sign up for a free trial today.

Additional Resources

For more great security-focused reads, check out the Sumo Logic blog.

Download the Sumo Logic Continuous Intelligence Report that quantitatively defines the state of the modern application stack and the shift in technology used by enterprises adopting Cloud and DevSecOps during the COVID-19 global pandemic.

Drew Horn

Director, Business Development, ISVs

As a Director of Business Development, Drew is responsible for providing leadership and evangelism for the App Intelligence Partner Program, helping independent software vendors successfully evaluate and integrate the Sumo Logic platform with their solutions.

Drew has over 15 years of experience in IT ranging from early stage startups to Fortune 500 enterprises across engineering, quality assurance, DevOps, customer success, solutions engineering and professional services.

Recently, Drew was the Senior Director of Automation at Applause (a Vista Equity Partners portfolio company), where he spearheaded the GTM strategy, customer success and professional services for their test automation offering. Prior to joining Applause, Drew led the DevOps team at Amherst InsightLabs, facilitating the delivery and operation of data analytics platforms used to power Amherst's broker dealer, asset management and single family buyer/renter platforms. Drew started his career in InfoSec, helping enterprise network security software development teams build, test and deliver high quality products. He holds a B.S. in Mathematics from the University of Texas, Austin.