Pricing Login
Pricing
Support
Demo
Interactive demos

Click through interactive platform demos now.

Live demo, real expert

Schedule a platform demo with a Sumo Logic expert.

Start free trial
Back to blog results

September 7, 2021 By Drew Horn

Sumo Logic brings full coverage to modern IT and SecOps workflows with ServiceNow

Modern, digital-first businesses rely on agile, optimized IT and security operations teams to effectively monitor and secure their complex applications, infrastructure and workflows that ultimately drive increased productivity and improved user experiences. Implementing a high-performance, end-to-end process to achieve these positive outcomes can be challenging as it oftentimes requires combining multiple data silos and technologies for different teams with contrasting roles and responsibilities. Sumo Logic’s industry-leading machine data analytics platform and Cloud SIEM, combined with a new suite of native integrations for ServiceNow, solves this challenge by bringing full coverage to these IT and security workflows by automatically identifying critical events and potential threats with enriched context from assets, leading to improved service outcomes, application reliability, risk management and ROI.

Sumo Logic’s suite of integrations for ServiceNow covers three key focus areas for comprehensive coverage, including:

  • Native event and incident webhook integrations that enable powerful threat detection and event management for your ITOM, ITSM and incident response workflows.

  • Support for ServiceNow’s Security Incident Response (SIR) platform, bringing real-time synchronization and transformation of Sumo Logic Cloud SIEM Insights into enriched, contextual Security Incidents.

  • Participation in ServiceNow’s ServiceGraph with a new connector that collects auto-discovered, ephemeral AWS and VMware asset data from Sumo Logic’s observability solution and populates the ServiceNow Configuration Management Database (CMDB) to give teams visibility beyond traditional IT assets.

Let’s take a closer look at these three integrations to see how they help drive improved outcomes.

Native Event and Incident Management

Sumo Logic’s native webhook integrations for ServiceNow ITOM, ITSM and Security Incident Response enable IT and Security Ops teams to efficiently manage events and security incidents at scale with powerful automation and deep context. These cloud-native webhook integrations now also support auto-resolution when a triggered condition resolves itself, making it easier than ever to leverage Sumo Logic’s Continuous Intelligence Platform to proactively investigate anomalous activities, reduce user impact and increase productivity through the delivery of reliable, secure apps and IT services. Just configure a monitor for a given condition (or outlier), and route the alert directly to ServiceNow.

ServiceNow Trigger Conditions

In addition to automatic alerting and resolution, users can also push events or incidents on-demand as part of their investigative workflow directly in log search.

ServiceNow Log Search

To learn more about our new and updated ServiceNow webhook integrations, check out the integration listing and technical documentation.

Security Incident Response

The new integration with ServiceNow's Security Incident Response (SIR) platform gives Sumo Logic Cloud SIEM security analysts the ability to seamlessly ingest and transform Cloud SIEM Insights into ServiceNow’s platform as first-class Security Incidents. Incidents that have been created through periodic polling of Sumo Logic’s Cloud SIEM are also automatically enriched with indicators of compromise and associated MITRE ATT&CK techniques identified by Sumo Logic, providing valuable context to security operations teams, improving mean-time-to-response and enabling more rapid and robust investigation of security threats.

Risk scores, configuration items, Cloud SIEM Insight descriptors, and other observables are all automatically normalized via the integration to keep data organized and workflows consistent.

ServiceNow Security Incident Response

We are excited to provide this free integration today for joint customers on the ServiceNow Store. To learn more about how this new integration works, watch our demo video below or review the SIR integration documentation.

Digital Products and Services Lifecycle

Modern application development, deployment and operational workflows have resulted in the need to expand the traditional CMDB system of record beyond traditional IT ops for proper visibility and context. Sumo Logic’s new connector for the ServiceNow ServiceGraph automatically shares data ingested through auto-discovery of ephemeral AWS and VMware assets to update the CMDB in real time. Assets discovered by Sumo Logic are also shared with Security Incident Response to enrich security incidents, driving more efficient triage and risk management.

ServiceNow Observables Data

To learn more about this free integration, please visit the ServiceNow Store.

Get Started Now!

The Sumo Logic integrations for ServiceNow provide full coverage across IT and security operations workflows.

To get started, check out webhooks integration or review the SIR and ServiceGraph integrations in the ServiceNow Store. If you don’t yet have a Sumo Logic account, you can sign up for a free trial today.

Additional Resources

For more great security-focused reads, check out the Sumo Logic blog.

Download the Sumo Logic Continuous Intelligence Report that quantitatively defines the state of the modern application stack and the shift in technology used by enterprises adopting Cloud and DevSecOps during the COVID-19 global pandemic.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Drew Horn

Drew Horn

Director, Business Development, ISVs

As a Director of Business Development, Drew is responsible for providing leadership and evangelism for the App Intelligence Partner Program, helping independent software vendors successfully evaluate and integrate the Sumo Logic platform with their solutions.

Drew has over 15 years of experience in IT ranging from early stage startups to Fortune 500 enterprises across engineering, quality assurance, DevOps, customer success, solutions engineering and professional services.

Recently, Drew was the Senior Director of Automation at Applause (a Vista Equity Partners portfolio company) where he spearheaded the GTM strategy, customer success and professional services for their test automation offering. Prior to joining Applause, Drew lead the DevOps team at Amherst InsightLabs, facilitating the delivery and operation of data analytics platforms used to power Amherst's broker dealer, asset management and single family buyer/renter platforms. Drew started his career in InfoSec, helping enterprise network security software development teams build, test and deliver high quality products. He holds a B.S. in Mathematics from the University of Texas, Austin.

More posts by Drew Horn.

People who read this also enjoyed