SOAR buyer’s guide: 11 security orchestration, automation products, and solutions – and how to choose

ServiceNow Security Incident Response supports hundreds of third-party integrations with multiple security products to enrich its collection of incident data. This includes connecting to many ServiceNow modules for security, networking, compliance, inventory, and other IT-related issues. It works with three AI-based tools: Flow Designer, a drag-and-drop virtual workflow creator; Predictive AIOps, which analyzes event logs; and Now Assist, for case management.

Splunk SOAR. Cisco completed its acquisition of Splunk in early 2024 and now integrates more than 300 third-party tools with Splunk’s Enterprise Security and Attack Analyzer products. It comes with over 2,800 automated workflows that can be easily tied into playbooks built with a visual editor. Future integration is promised with Cisco’s Talos Intelligence threat feed. Splunk has an AI assistant for its Search Processing Language, which allows for natural language prompting of queries. Splunk can also be used in non-security situations such as IT operations.

Swimlane Turbine has an extensive catalog of hundreds of third-party integrations for various security tools. This is enabled by its support for various communication methods, including common REST APIs, webhooks, various telemetry sensors, and business intelligence tools. Swimlane claims to be the largest independent SOAR provider, meaning it does not offer any associated SIEM or XDR products. It has Turbine Canvas, an AI-based low-code automator, and Hero AI, which is used to automate case management playbooks. Pricing starts at $720,000 per year, with additional operational costs (such as using AI) on top of this.

