Sysdig Brings Runtime Insights to ServiceNow Container Vulnerability Response

SAN FRANCISCO--(BUSINESS WIRE)--RSA -- Sysdig, the leader in cloud security powered by runtime insights, today announced an integration with ServiceNow Container Vulnerability Response (CVR), bringing runtime insights to help prioritize vulnerabilities for ServiceNow users. The ServiceNow CVR [1] application groups container vulnerabilities to enable teams to triage and remediate faster. With this integration, ServiceNow users can further triage with Sysdig by prioritizing what is active at runtime and therefore focus on issues that pose the greatest risk.

The cloud has fundamentally changed the anatomy and nature of modern applications, IT infrastructures, and processes involved. It creates a dynamic and growing attack surface of interdependent cloud workloads, services, and identities. Teams are often overwhelmed by an endless list of vulnerabilities and are looking for ways to drive greater efficiency in vulnerability management. Gartner® states in the Market Guide for Cloud-Native Application Protection Platforms (CNAPP), “Because security is often viewed as an obstacle to developers, it is absolutely critical to prioritize risks identified and provide sufficient context for the developer to remediate it.” [2]

Sysdig has taken a comprehensive approach to cloud-native application protection platform (CNAPP) security by rooting everything it does in its unique runtime insights. The company focuses on protecting the entire software lifecycle. Shift left alone is not enough as it is impossible to guard against every unknown threat. Sysdig helps organizations improve security posture by focusing on the vulnerabilities, misconfigurations, and compliance gaps that create the greatest risk. With Sysdig, teams can detect threats in real-time, prioritize the vulnerabilities that matter, and fix them fast with context.

Benefits of Sysdig in the ServiceNow CVR Application

Eliminate 95% of vulnerability noise: Runtime insights from Sysdig helps ServiceNow users prioritize the remediation of vulnerable packages by focusing on what is used at runtime. This reduces the number of vulnerabilities to fix by up to 95 percent and enables faster prioritization of issues that truly matter.

Faster remediation workflows: Security orchestration, automation, and response (SOAR) capabilities from ServiceNow can be leveraged to speed vulnerability remediation and patch workflows.

Reduce Total Time to Resolve (TTR): Time spent on vulnerability management can be significantly reduced at each stage of the process:

• Triage - Fewer vulnerabilities and alerts to focus on enables faster triage of urgent issues that manifest at runtime.
• Context - Detailed context on every container vulnerability, including image repo, image tag, cluster, and namespace speeds remediation.
• Tracking - A single view of all vulnerabilities within ServiceNow simplifies tracking and resolution issues.
• Response - ServiceNow makes it simple to utilize the vulnerability details from Sysdig and automate remediation workflows.

Comprehensive understanding of risk: Map Sysdig assets with the ServiceNow Configuration Management Database (CMDB) – including images and registries – to get a comprehensive view of risk.

Resources

• Read the ServiceNow integration launch blog from Sysdig.
• Visit Sysdig in the ServiceNow Container Vulnerability Response store.
• Learn more about the ServiceNow Container Vulnerability Response Module.
• Visit Sysdig booth at RSA: S-1827. On April 26 at 2PM PT, ServiceNow will be in the Sysdig RSA booth talking about their ServiceNow Container Vulnerability Response Module.

[1] Service Now CVR is also known as ServiceNow Vulnerability Response and Configuration Compliance for Containers.

[2] Gartner, Inc., Market Guide for Cloud-Native Application Protection Platforms, 14 March 2023 by Neil MacDonald, Charlie Winckless, Dale Koeppen.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Sysdig

Sysdig helps companies secure and accelerate innovation in the cloud. Powered by Runtime Insights, the cloud security platform stops threats in real time and reduces vulnerabilities by up to 95%. Rooted in runtime, the company created Falco, the open standard for cloud threat detection. By knowing what is running in production, Dev and security teams can focus on the risks that matter most. From shift left to shield right, the most innovative companies around the world rely on Sysdig to prevent, detect, and respond at cloud speed.

ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries.