Challenges:
- Manual SecOps workflows for remediating security incidents and vulnerabilities in customer environments.
- Inconsistent and inaccurate analytics.
- Delayed remediations.
- Dependencies on infrastructure teams (network, EUS, server, apps) to fetch the right information from tools.
Background:
The ServiceNow platform is used for Managed Security Services for existing and new customers. Multiple customers are to be onboarded onto the platform to provide unified SOAR managed services.
Solutions:
- Automated SOAR playbooks for use cases such as DDoS, malware attack, suspicious app, confidential data exposure, and suspicious activity detected from a Linux user.
- Generalized Error Handling Framework.
- Orchestration workflows.
- Integration with McAfee ePO and QRadar.
Benefits:
- Security incident MTTR reduction.
- End-to-end automated workflows.
Customer: Cognizant
Industry: IT Services
Location: Noida, India
Employees: 1,000 to 5,000
Products: Security Incident Response