TMLabs Darktrace® Integration ServiceNow® Security Operations

TMLabs Darktrace® Integration ServiceNow® Security Operations

Darktrace® for Security Operations for ServiceNow enables a ServiceNow instance to connect to a customer’s Darktrace® Enterprise Immune System. Darktrace® is a self-learning cyber AI technology that detects novel attacks and insider threats at an early stage by automatically identifying breaches for further triaging and investigation. By integrating into ServiceNow Security Operations, cyber security teams using ServiceNow Security Incident Response (SIR) and Threat Intelligence (TI) applications are now armed with real-time data from Darktrace® to plug into existing prioritisation and resolution workflows.

Business Challenges:

  • Manual swivel-chairing between various scanning tools and ServiceNow is time-consuming and error prone.
  • ServiceNow SecOps requires visibility of all cyber-threat sources in real time.
  • Bespoke and customised integrations between Darktrace® and ServiceNow are not certified and carry substantial risks of technical debt, high maintenance and operational failure.

Key Features / Benefits

  • Accelerate detection and investigation of cyber-threats.
  • Automated near real-time creation of Security Incidents in ServiceNow.
  • NIST framework compliant using OOTB ServiceNow Security Incident Response.
  • Bi-directional integration to ensure both ServiceNow and Darktrace® process.
  • A single pane-of-glass to manage the integration and workflow.

Download Now

Tobias Schwartz, TMLabs co-founder and Principal Architect, had this to say about this latest innovation: “AI-assisted cyber-attacks are on the rise with an ever-growing volume and sophistication of threats. To be able to respond effectively, security teams need to employ high degrees of automation and machine learning. Cyber products need to integrate seamlessly to realise maximum value of an organisation’s total cyber investment. Darktrace’s AI-powered products ‘Enterprise Immune System’ and ‘Antigena’ integrated with ServiceNow’s SecOps best in class security incident workflows, automation and analytics will leapfrog customers’ cyber defence maturity.”

Darktrace had this to say about the partnership with TMLabs: “Interoperability with other technologies is at the heart of everything we do at Darktrace. This integration simplifies workflows for ServiceNow customers and extends the value of Self-Learning AI to mutual customers.”

The solution has been architected in a modular fashion, and can be tailored to any industry and customer context by utilising ServiceNow Now Platform features. TMLabs are able to assist with implementation of the Darktrace® for Security Operations Integration with any customer globally.