ServiceNow
Speech Title Exploring ServiceNow’s strategy for Attack Surface Management (ASM)
Why the new concept “ASM” is in demand for managing security
Taiki Uchida
Senior Solution Sales Executive, Security
ServiceNow Japan
Among the “10 Major Security Threats” identified every year by Japan’s Information-technology Promotion Agency (IPA), ransomware attacks, supply chain attacks, targeted attacks, and internal fraud rank highest. In such a situation, says Taiki Uchida of ServiceNow Japan, “it is difficult to obtain security by human hands alone.”
What is it that makes security so hard to manage? According to Mr. Uchida, “It comes down to the challenge of managing security by human intervention. The thinking of ServiceNow is rather than having humans respond directly to alarms and notifications, the role of humans should be dedicated to making decisions based on what is taught by the system.”
A new security management concept gaining attention in this regard is Attack Surface Management (ASM). ASM is “a management method that investigates which IT assets information can be accessed from outside the organization and continually evaluates risks,” explained Mr. Uchida. Information such as that obtained from threat intelligence services is stored in a database, and detection and evaluation work continues to be carried out, along the lines of, “Are there any configuration setting errors or vulnerabilities?” or “Are there any unknown devices?”
ServiceNow has announced plans to provide a “Threat Intelligence Security Center (TISC)” from February 2024 as a solution incorporating this ASM approach. Providing high-quality threat intelligence information to clients, it will be an effective tool for vulnerability management.
Mr. Uchida described it as a solution that will “organize and integrate the countless publicly announced threats information for provision, while being equipped with functions for automatically detecting vulnerabilities that need addressing and issuing a response ticket at the press of a button, as well as functions that visually display the course of action.”
By making use of the functions provided by the TISC, threat intelligence can be efficiently integrated with security operations. It will bear watching as a solution realizing ASM and vulnerability management at a high level.
Related Links
ServiceNow
- Deloitte Tohmatsu Group ‘Trust’ guarantees the legitimacy of the individual Demonstrating social value to become the source of DX
- Cisco Systems Ensuring business continuity with solutions that make up for security personnel shortages
- Zscaler “Deception Technology” protecting companies from supply chain attacks
- Secureworks Protecting companies from the latest threats with XDR, merging technology with expert knowledge
- ServiceNow Why the new concept “ASM” is in demand for managing security
- BAE Systems Japan Nations’ cybersecurity is shaped by the private sector
- BlackBerry Japan Using next-generation AI solutions to counter attacks that are evolving with AI
- Palo Alto Networks Blocking attacks with the SASE solution developed by Palo Alto Networks making extensive use of AI
