Sysdig Brings Runtime Insights to ServiceNow Container Vulnerability Response

APRIL 25, 2023

SHARE:

Sysdig helps ServiceNow users eliminate 95% of vulnerability noise and focus on true risk

SAN FRANCISCO – RSA – (April 25, 2023) – Sysdig, the leader in cloud security powered by runtime insights, today announced an integration with ServiceNow Container Vulnerability Response (CVR), bringing runtime insights to help prioritize vulnerabilities for ServiceNow users. The ServiceNow CVR [1] application groups container vulnerabilities to enable teams to triage and remediate faster. With this integration, ServiceNow users can further triage with Sysdig by prioritizing what is active at runtime and therefore focus on issues that pose the greatest risk.

The cloud has fundamentally changed the anatomy and nature of modern applications, IT infrastructures, and processes involved. It creates a dynamic and growing attack surface of interdependent cloud workloads, services, and identities. Teams are often overwhelmed by an endless list of vulnerabilities and are looking for ways to drive greater efficiency in vulnerability management. Gartner® states in the Market Guide for Cloud-Native Application Protection Platforms (CNAPP), “Because security is often viewed as an obstacle to developers, it is absolutely critical to prioritize risks identified and provide sufficient context for the developer to remediate it.” [2]

Sysdig has taken a comprehensive approach to cloud-native application protection platform (CNAPP) security by rooting everything it does in its unique runtime insights. The company focuses on protecting the entire software lifecycle. Shift left alone is not enough as it is impossible to guard against every unknown threat. Sysdig helps organizations improve security posture by focusing on the vulnerabilities, misconfigurations, and compliance gaps that create the greatest risk. With Sysdig, teams can detect threats in real-time, prioritize the vulnerabilities that matter, and fix them fast with context.


Benefits of Sysdig in the ServiceNow CVR Application


Eliminate 95% of vulnerability noise: Runtime insights from Sysdig helps ServiceNow users prioritize the remediation of vulnerable packages by focusing on what is used at runtime. This reduces the number of vulnerabilities to fix by up to 95 percent and enables faster prioritization of issues that truly matter.

Faster remediation workflows: Security orchestration, automation, and response (SOAR) capabilities from ServiceNow can be leveraged to speed vulnerability remediation and patch workflows.

Reduce Total Time to Resolve (TTR): Time spent on vulnerability management can be significantly reduced at each stage of the process:
  • Triage – Fewer vulnerabilities and alerts to focus on enables faster triage of urgent issues that manifest at runtime.
  • Context – Detailed context on every container vulnerability, including image repo, image tag, cluster, and namespace speeds remediation.
  • Tracking – A single view of all vulnerabilities within ServiceNow simplifies tracking and resolution issues.
  • Response – ServiceNow makes it simple to utilize the vulnerability details from Sysdig and automate remediation workflows.
Comprehensive understanding of risk: Map Sysdig assets with the ServiceNow Configuration Management Database (CMDB) – including images and registries – to get a comprehensive view of risk.


Resources


[1] Service Now CVR is also known as ServiceNow Vulnerability Response and Configuration Compliance for Containers.

[2] Gartner, Inc., Market Guide for Cloud-Native ApplicationProtection Platforms, 14 March 2023 by Neil MacDonald, Charlie Winckless, Dale Koeppen.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries.


Media Contact

Amanda McKinney Smith
[email protected]
703-473-4051

Sysdig Logo

About Sysdig In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.