louis-reed-pwcKF7L4-no-unsplash.jpg

SecOps Success

How A Leading Pharmaceutical Biotech Company Saved 960 Hours Per Year with ServiceNow

The Challenge

When this large pharmaceutical company came to GlideFast Consulting for our services, the organization was already actively using ServiceNow for Security + Operations (SecOps). They had previously worked with another ServiceNow partner to configure and customize their Security Incident Response and Vulnerability Response applications, but the solution was no longer meeting their needs.

With Security Incident Response, there were several customizations in place that were causing malfunctions with their reporting. In addition to fixing these malfunctions, the client was also looking to add enhancements to reporting, Performance Analytics, and importing Threat Intelligence feeds. At the time, the company’s staff members were manually creating trending reports and were seeking a solution that would automate the process to save the company time, money, and headaches. 

Image by National Cancer Institute

The client commissioned GlideFast Consulting to revert their Security Incident Response application back to the out-of-the-box solution, reinstate the Vulnerability Response application, and leverage automations, analytics, and reporting to improve workflows and staff efficiency. 

As for Vulnerability Response, the client had stopped using the application altogether. Misconfigured customizations were overwriting CMDB data and IT agents were overwhelmed with hundreds of incorrectly assigned tickets. As a work-around, the company was using basic ITIL tickets to assign vulnerability tickets to their IT teams. While a functional fix, this solution was entirely manual, had little to no accountability or tracking metrics attached, and was deemed an inefficient use of company time.

The GlideFast Consulting

Solution

The GlideFast Consulting team worked closely with the client’s staff to develop an effective solution that would stand the test of time and deliver lasting impact. In addition to the technical work in the Now Platform, GlideFast held daily scrum calls, weekly demos and meetings, and knowledge transfer sessions with the client team to ensure the solution met their needs and expectations. 

GlideFast Consulting was able to design, propose, and implement the following solutions for the client:

Security Incident Response

First, GlideFast Consulting returned the client’s Security Incident Response tickets to the National Institute of Standards and Technology (NIST) state and process flow. From there, the team configured Performance Analytics to collect the average time to Respond, Identify, Contain, and Resolve tickets, and create a centralized view of performance. 

 

Leveraging the power of ServiceNow’s automations and predictive intelligence to improve threat management, GlideFast integrated Virus Total to automate threat lookups and imported Threat Intelligence feeds to conveniently link threats to Security Incidents. Security Incident Catalog was also added to the client’s Service Portal so users could report potential security incidents and GlideFast configured the Post Incident Review for critical Security Incidents. 

Vulnerability Response

In order to streamline Vulnerability Response, GlideFast integrated Qualys with ServiceNow, allowing vulnerabilities to be imported into the company’s Now Platform. We installed Vulnerability Calculators to automatically attach risk ratings to each vulnerability and configured auto-assignment rules to direct vulnerability tickets to the appropriate remediation team. 

 

Additionally, business rules were put in place to automatically defer and close vulnerabilities based on specific criteria. A catalog item was also implemented on the Service Portal, allowing users to manually request a vulnerability scan if necessary. 

 

To improve tracking and accountability, GlideFast configured Performance Analytics to record important data such as average time to remediate an issue, number of critical vulnerabilities, open critical vulnerabilities by assignment group, and number of open and closed tickets per month. 

The Results

As we had projected, in just a few months GlideFast Consulting implemented an effective and powerful ServiceNow Security Operations solution for the client’s team. 

By replacing the company’s manual collection of trending reporting with automated performance reporting for Security Incident Response, GlideFast’s solution saved the company eight hours of manual work per week. Now, instead of spending an entire workday collecting data, IT staff can easily access Performance Analytics on their dashboard with a few simple clicks.  

Integrating Qualys with ServiceNow dramatically improved the company’s productivity. The client’s staff no longer had to manually search Qualys and generate ITIL tickets for Vulnerability Response, a process that took an average of thirty minutes per ticket. Now, vulnerability tickets are automatically created and closed by the Qualys integration, completely alleviating IT staff of the ticket assignment process. As the company’s staff created an average of 25-30 tickets per month, GlideFast Consulting’s solution saved the company up to 15 hours of manual work per month. 

The client deemed this a highly successful partnership and engaged GlideFast Consulting for additional services to implement ServiceNow Governance, Risk, and Compliance (GRC) in their instance.

Hours of manual reporting saved per week

Hours of ITIL ticket generation saved per month

Connect with our team.

Learn GlideFast Consulting can take your ServiceNow instance to new heights.