Forescout and ServiceNow advance partnership to protect critical infrastructure from cyber threats


New integration continuously discovers and secures sensitive OT devices

Forescout Technologies, Inc. has announced its latest technology integration enhancements with longtime partner, ServiceNow. The integration intends to improve asset intelligence as well as threat prevention, detection and response for industrial control systems (ICS) and operational technology (OT) environments.

“Forescout and ServiceNow are introducing the future of integrated OT network defence,” said Pedro Abreu, chief product and strategy officer, Forescout. “Combining Forescout’s strength in control system discovery, classification and threat recognition with the power of ServiceNow  CMDB, which provides a single system of record for IT, will help eliminate network blind spots. It also reduces needless manual task hours and uncertainty currently threatening the OT and industrial Internet of Things (IoT) landscape today.”

The integration allows security teams to make informed decisions based on device type and environment to close the security gap from unmanaged OT devices and improve performance in crucial metrics such as “mean time to resolve” (MTTR) in remediating vulnerable or affected systems. Combining complementary technologies for OT discovery, threat detection and configuration management, the Forescout-ServiceNow integrated solution centralises security and improves resiliency in manufacturing, energy, transportation and other sectors where increasingly internet-connected infrastructure is often invisible to traditional cybersecurity controls.

Customers using Forescout to continuously discover and monitor OT and ICS environments can now leverage ServiceNow’s powerful configuration management database (CMDB) platform for more efficient asset, service and security management. The integration features a data-driven ability to automate device discovery, CMDB updates and prioritised remediation or incident management workflows based on risk level, easily scaling defences with technology and business demands.

“ServiceNow CMDB is the data platform for IT,” said Jeff Hausman, vice president and general manager of ITOM, Security and CMDB, ServiceNow. “Data enrichment of the ServiceNow CMDB via Forescout continuous device discovery and automatic workflows helps customers drive transformation, deliver services and provide operational resilience. ServiceNow and Forescout enable security teams to better understand their organisation’s OT and industrial IoT devices and expedite incident response to protect critical infrastructure.”

Capitalising on the enhanced OT and industrial IoT asset intelligence capabilities, customers can reduce risk further by taking advantage of the established Forescout-ServiceNow integration capabilities that automate workflows between the Forescout platform and ServiceNow Security Operations and IT Service Management (ITSM). Customers can accelerate security and operational incident detection, management and response processes while maintaining accurate asset intelligence throughout the process. As Forescout detects a device is non-compliant or compromised, an appropriate ServiceNow incident is created and aligned with CMDB asset record. Forescout can also automatically respond to the incident with relevant network or system actions per policy and keeps CMDB asset record accurate with real-time device context. This creates an end-to-end asset intelligence and incident management system that proactively reduces risk with streamlined operations.

As a ServiceNow design partner, Forescout played a pivotal role in helping ServiceNow create new and standardised IoT and OT classes for the ServiceNow CMDB, enabling a comprehensive CMBD based on real-time device profiles across IT, IoT and OT. The companies will continue working closely together to design the future of ServiceNow’s CMDB to easily accommodate an ever-growing array of device types. Forescout’s rich contextual device information for IT, IoT and OT environments, combined with orchestrated ServiceNow workflows, provides customers with a full-scale asset intelligence foundation that reduces risk by improving security posture and streamlining operations.

“Forescout’s integration with ServiceNow’s CMDB eliminates the need for spreadsheets and manual task of populating OT assets into an organisation’s CMDB. A continuous and up-to-date CMDB across IT and OT eliminates blind spots and reduces cyber risk,” said Robyn Westervelt, Research Director, Security & Trust, IDC.

The enhanced OT and industrial IoT Forescout-ServiceNow capabilities are available now.