all right welcome everyone thank you so much for taking the time out of your day to join us for this webinar on getting started with security operations applications I hope you're all doing well and thank you for being here and for being a security operations customer I'm Sarah wood and I work in the outbound product management team with in security operations that service now and I'm located in the New York New Jersey area um I'm excited to be joined by Elizabeth scist from our amazing product success team um do you want to introduce yourself Elizabeth sure Elizabeth scist I have joined service now two and a half years ago had worked with service now uh Elite partners for the prior 11 years um focusing my last three years on security implementations so was excited to join the team uh couple years ago and support the product from on the inside happy to be here with you today excellent thank you Elizabeth so as you as you heard we've got some great experts on the call so we'd love to answer your questions at any time if you have a question feel free to pop it in the chat or use the Q&A feature um and we'll also have some dedicated time at the end really we're here to support you where you are at in your implementation Journey so don't you know hesitate to ask anything now we're not planning to cover any forward-looking statements but just in case we do our safe standard uh our standard Safe Harbor notice supplies to this presentation and it is part of our live on service now events program so we do encourage you to keep an eye out for future events and register on the community we'll share that a little bit later how to get to that um but we do have a security operations office hours coming up next week which we'd love for you to join and a couple more sessions coming up in September as well as other product success webinars um so we will share that a little bit later in the chat um before we get to the agenda I do want to remind everyone again we're here to answer your questions so feel free to use the Q&A button at the bottom of your Zoom for that to submit questions and then this is a recorded webinar so the recording will be available in the community to take a look at afterwards and once we do close out the session today you should receive a quick survey on your screen and we'd really appreciate it if you could take a minute to complete the survey so we can get your feedback and make sure we improve for future events uh more importantly we do want you to come away from this with a clear idea of what your next steps are towards your security operations implementation uh and so part of that we'll we'll cover a few different areas um with a bunch of helpful resources and links that we're going to share in the chat throughout the presentation and again it will be available uh in the community with links as well after the fact so you can revisit all of that now in this first part we're going to start with a quick overview of security operations and highlight some of the key resources for you or your team to dive deeper if you would like to but I will start first with a quick poll so I'm going to go ahead and launch that we want to know what your uh to implement or perhaps have already started implementing or are you know interested in feel free to share that with us in the poll if you've got other things that are top of mind uh go ahead and share it in the chat we're we're super interested this also kind of helps us you know maybe when we're when we're talking about certain things understand the audience and and what you're most interested in so it looks like you know most people interested in both I'm going to keep it open for 10 more seconds because we've got a couple responses still coming in but it's looking like you know most are interested in both some maybe a little bit unsure um which is totally fine too and and then if you're interested in something specific feel free to drop it in the chat as I said I'm going to go ahead and uh end that poll and share that out and we'll and we'll proceed so as many of you you know will already know about the portfolio the seops portfolio includes a suite of products that fit into sort of two broad areas so we have the ability to respond to vulnerabilities across Cyber attack surfaces which is largely achieved through our vulnerability Management Solutions which include um vulnerability response as well as application and container VR and you know configuration compliance uh and more recently we have security posture control which is our asset security posture management application um and so on the other side we have the ability to respond to incidents across you know the Enterprise and Enterprise security and so this is largely achieved through our case management solution for Enterprise security which is called security incident response and within that we also have um threat intelligence um we have data loss prevention incident response major security incident response and most recently we have our latest offering the threat intelligence security Center and so moving on second just interject on that threat intelligence security Center we did a recent webinar on that um it could be confusing that we have a threat Intel for incidents plugin as well as this threat intelligence security Center and to differentiate between between those two the threat Intel is giving you additional Insight uh on that threat awareness for managing your security incidents the threat intelligence security Center is for that threat Hunter team so it's a different activity than the sock security incident activity so there is a different user base of those tool two components so want to highlight that because that can be confusing because they use the same words yes thank you for that that's that's so so great so our threat intelligence module is part of security incident response um the new offering is a separate application alog together and as Elizabeth described in great uh great details so I think another thing to add in is our um now assist for security operations which is our even even more recent than threat intelligence security Center this is our generative AI offering for security operations and it's it's starting in the area of security instant response so things like security incident summarization and closure notes generation uh so you can kind of look forward to more information on that in the community in the coming days and weeks so just move along um into security instant response briefly uh this is just a high level look at you know the workflow and security incident response um and this is where we really sort of unlock Automation and workflows that enable you to respond to incidents faster uh by integrating your various security and Sim tools that you have into servers now as a central system of action and engagement where you can view and prioritize your alerts um you have your native connection to your cmdb within service now allowing you to really understand that business context and better prioritize your security incidents uh you have the ability to integrate with threat Intel tools to enrich those incidents to you know better organize and orchestrate your response actions and direct those responses right from within sir followed by po incident workflows like completing configurable reports so bit of a high level view there um just as an overview and similar on the attack service management side we have our vulnerability response application and that's really giving you that visibility and prioritization um and automation of the vulnerability side across the Enterprise so in this scenario you'd be integrating your you know scanners setting up your vulnerability calculators and assignment rules and Elizabeth has some fantastic uh webinars that are out there on demand uh on all this type of configuration um and essentially you'd be able to have automatic risk scoring and grouping of your vulnerabilities as well as assignment to the right teams across security and it uh we also have solution recommendations and Patch orchestration Integrations as well as different workflows for reassignments and requesting exceptions and deferrals which can also connect with our integrated risk management solution um and then lastly on the right hand side you have rescans that can confirm whether your vulnerabilities have been remediated and close them out so let's move on um so we feel you know understanding the suite of offerings and just security operations um in general is an important early step in implementation so that you have the ability to determine what outcomes and functionality you want to prioritize and so we've kind of highlighted several resources throughout this presentation here these ones being the ones that we think are great for you getting up to speed and remaining informed about SE Ops applications so just diving in here we have our product docs which you're probably quite familiar with um these are now updated for zanado do for those of you who have accounts and are logged in uh but this is where you're going to find the latest product information on SEC Ops and across the platform as well as well as release notes for new releases and other helpful content like setup guides and instructions about entitlements um and thanks for putting that stuff in the chat that's awesome so you can access that there um and so like I said when you're logged in you can now see some zanado do notes which are coming in September uh next we have a community YouTube channel so this is a great resource we've got a specific channel for SE Ops and we draw new demo videos regularly here um so it's a great way to learn about new product features especially if you you want to see videos as opposed to reading uh reading content so we'll drop that link in the chat as well uh now learning is a huge huge important resource um when you buy seops products you do get learning credits that can be used towards virtual on demand or instructor-led courses so that you or your team can obtain certifications um and become really informed on implementation of our products um so we regularly update these courses uh for different releases there's a SE Ops fundamentals course there's a sir and VR uh implementer course and Associated learning paths as well so there is a community post where I've curated all of the different links to specific courses for Security operation customers so we'll share that as well and I would encourage you to take a look I'm going to highlight some new classes that were just released on the Integrations into vulnerability response and getting those configured so if you're in your journey where you're looking that understanding that setup more those are on demand classes fore to you to access and review so just want to highlight there is everything and even little you know snippet learning bites it's not all necessarily a 3-day curriculum to to go through so yeah I encourage you to explore that there is a lot out there that's a great point I'll make sure that those get added too to the to the post yes um and then lastly here or not second last I guess is our security operations community so this is your central go-to hub for SE Ops users around the world you can share resources and best practices and possibly more importantly you can post questions and get solutions from service now experts across the community and I will call out that we've recently upgraded the user interface so it's cleaner it's easier to find content um and I'm going to possibly just throw that up on the screen for a moment just so that you can get a sense of where some of the top uh resources are oh bear with me for one moment here while I bring that up um so when you're in the community and you select security operations from the product Hub listing you'll you'll come to our landing page here so different look and feel now super easy to create your account and once you're in here and you have created your account I'll just call out first of all that you can subscribe to Forum posts articles blogs events I would highly encourage you to to do so especially events articles blogs because you'll get the latest information um from you know product success product management we often post articles and blogs about new futures um events like this one you'll also be able to see here and we do have our events tab as well and some of those on demand events that I was talking about earlier are really easily linked uh for you to take a look at as well as for those of you you know just getting started and wanting some great resources we have our welcome guides and our product checklists here and then our Forum down below of course where you can post questions to the community so super important resource uh that I just wanted to make sure we we showed and content like this is that's where we will be sharing that correct uh absolutely yes will be sharing here yes exactly in the events uh post for today all right moving right along to our developer site so this is really our developer ecosystem here and and this is a great resource for your more technical team members who want an actual you know sandbox to play around in to install applications um and do some config work it's open to all levels of individuals however um and it does include detailed technical documentation uh where you can also sign up for the free developer program to and you can collaborate with other Developers um and as you can see there's there's a nice little guide as to how you can get a new personal developer instance so definitely take a look at that especially if you're on the more technical side and you don't have access to that yet one thing I would encourage about leveraging your uh personal development instance for as you're exploring things and not certain you know what a configuration might do I would encourage testing it on the PDI because as you work on your sandbox or development instance for getting things set up and your update set builds if you get to the end of it and it didn't do what you thought it would do it it's not always as easy to take everything back out so having that test drive over on an instance where okay it didn't work that I won't be doing that on my Dev instance for you know promotion into QA and and prod it it just just makes it easier to confirm that your design and intended build is in fact going to do what you believe it's going to do just a little insight because the backout if you've done a lot is as timec consuming as the build so keep that in mind as you're building your update sets to get your configurations up the stack thanks for that great technical Pearl love it all right moving right along we're going to get into more of the how how should you go about your implementation and Elizabeth is going to take it away after we launch this next poll which is launched there we are so we're looking at where are you in your implementation Journey currently uh implementing now or this quarter uh planning to implement this year maybe no plans yet to implement perhaps after the webinar you'll get you'll get started and other so yeah definitely let us know in the chat if you fall into a different category and you'd like to share with us we'd love to hear where you're at and I'll also add that we're very happy to follow up with any individuals after the fact uh so if you have specific questions you don't think are answered in this webinar um or maybe more specific to your your situation you can always leave that in the survey at the end uh or in the chat and we'll we'll follow up with you right I'll leave it open for a few more seconds here okay so close that out and I'll hand it over to Elizabeth great okay so getting started in your implementation Journey want you to be aware of all the options that you have available um bringing in an expert with our expert Services team um can be quite beneficial as you go down your security implementation Journey um you may find that an implementation partner can also bring in that expertise having done it before to guide you in your you know understanding of what where should we start where should we go next um self- implementation certainly is possible we try to provide you as many tools as we can to help you be successful but I don't want to minimize at all having an implementation partner our our expert services in as a team member to work alongside of you um can definitely expedite um and have less rework in your plans to go forward um so all the options available there as we move forward in considering oh we're going to come back and close on how you can understand who those players are for um us sorry I was wondering if we weren't going to show them uh implementation Partners that's closing next slide so when you're getting started with security operations understandably there are a number of areas where you're going to start getting the data coming in leveraging the platform core setup as you're looking at roles and groups getting set up for whatever scope you're starting with well ility response application configuration compliance security incident again recognizing that each of those are scoped and they'll each have their own roles for who can come in and work with the data as you get that application stood up and data brought in and all those foundational things set up you can then move forward with understanding where your reporting will be are you leveraging performance analytics um are you going to be advancing in into other applications and data coming into this solution so there's a lot that you can do in that Foundation area that can take three six nine months before you even move forward into what this diagram is showing as a crawl this is really a u maturity as you start turning on performance analytics integrating patch orchestration having major security Incident Management come into your process threat Intelligence being a plugin for supporting security incident might not necessarily be as much as a leap into maturity as you know turning on cloud configuration or Cloud security for configuration compliance which I would consider is a whole another implementation um the benefit in working with the VR Suite is to recognize that there is parody uh intended in the design so as you get familiar with what you're doing with your implementation for VR it it's going to be near identical for app VR or configuration compliance or for container vulnerability so you have that kind of accelerated path on the next implementation for that suite for a security incident um different than vulnerability response you have different capabilities that you're bringing here uh a lot of automation that you can plug in with playbooks so there's there's different uh experience and knowledge that you're going to be bringing to setting that up um but still U A Place to Start um beneficial out of the gate uh no doubt with the automation that will come in with any of these plugins getting started and and set up in your environment next slide so this is giving you an understanding of maturity of vulnerability response as a program as a whole not necessarily this is an industry slide not necessarily service now specific but what you're looking at doing as you're getting started is moving out of that maturity level zero where everything is manual having the spreadsheets that you're exporting out of your scanner being emailed over to your remediation owners or to those players um that are plugging in on a a security incident uh you're losing the avilability visibility across the team of What's Happen happening when you go in that type of a disjointed process so what we're looking to do as you leverage service now technology is move towards at least that maturity one where you have some automation coming in as you're bringing that data into your vulnerability response application you're having set up a risk calculator to allow you to prioritize and give you a way to filter and determine where are we starting your grouping like vulnerabilities and assigning them out as they're being loaded in so all that activity that is H in the manual process is you know someone looking this up and putting them in the email then is happening as the data loads so you're automatically that much farther down the path in focusing on how are we getting this done and the vulnerability management team having that big picture because everything's in one system system to see how are these being progressed towards remediation how are they being handled that system single system of record giving you that visibility of the Enterprise instead of tracking that spreadsheet and however you would be managing that manually just cumbersome so quick jump start out of the gate and getting your data brought in here and getting that um configuration set up so as you advance into 2 you may have a additional level of understanding of your assignment that you can tune in on um you may find that there are uh different Integrations you bring up to have uh even more complete picture of the infrastructure um vulnerability life cycle management and having that entire uh process of a change request coming from this application uh an exception request coming from this application ation and having that awareness of that exception going out to your um compliance team and so those additional uh automations that are built within the tool coming into your normal process you may find that your program and getting started wants to be that advanced out of the gate and it's possible to have those remediators start with the use of that change link capability and that exception being uh integrated into the compliance team if you're an irm user again the seem to be augmented by scan data so the ability to have that cooperation with the cmdb team with the Insight that vulnerability response gives you from recognizing we could not find this CI that the scanner found that had a vulnerability and that cooperation and and working with the cmdb team alongside of you giving them that Insight that this isn't found Discovery may need to be tuned or however you're getting these assets into the cmdb this part of the infrastructure is being missed that the scanner is finding so giving them that insight and lead on where they can advance the cmdb then you go into Enterprise risk Trend trending where you have all your scanners integrated whether it's Cloud scans or application scans configuration scans all of those coming into a like automation environment so then you have the capability to have a complete picture of the attack surface available uh and available I guess that's the appropriate word if it's if it's exposed um and having that oversight um at a broader level full Enterprise picture um with any component um and opportunity for vulnerability being brought together for visualization so big picture something to work for people are there know it's possible so yeah we're here to help you with as much as we've been able to provide out of box and the ease of getting that set up for you to advance in your maturity quickly so in security incident it it's a similar cycle where you're starting out manual when you're at a mature stage of zero again adding that automation as you go to a maturity one you now have an integration from your Sims that have incident creation happening without you having to go in and key it in so there again you get a step ahead in your activities because that data is coming to you ready for action again the ability to have that prioritization calculation coming in as that record's being created so a lot of the same as you mature here single system of record improves B visibility so then as you move into a maturity of two you have more enrichment data coming in you have that threat intelligence plug-in turned on you maybe have the sis plugin turned on so all of that additional supporting information to give you Insight on that particular instant and actions that you might want to take around that at your fingertips to help guide you in that accelerated response better decision making then as you go into maturity 3 having orchestrated remediation where you have playbooks set up for you to have a guided stepping um tasking for the agents that are working on these particular incidents that are coming to light um Auto automated response again integration with um additional tools that are providing insight to your uh awareness of activity um and enhanced analyst efficiency again that having that Automation and that information at that fingertips so moving forward into you know a more advanced process becomes easier and again ideally giving you Solutions like security incident response gives you that framework to have that acceleration of maturity come to you sooner so sounds great let's get our maturity story in play which brings us to where to start so we do provide story themes to give you guidance and understanding of of what are we going to have to focus on as we get started so when you go out to some of the resources that we'll be sharing at the end we are giving you the details step of okay core setups I mean this is obvious you're installing vulnerability response any supporting applications that you want whether it's Pat stration or I guess this's coming into this one where you want to be uh starting um having that understanding of the UN user personas um going then forward to that integration setup what we're doing is wanting to make sure that you recognize all the steps that are going to make you successful and not having that be a guessing game and giving you that you know template to work from so that you can be successful obviously we want you to be successful so the insights that we can guide you into your success makes everyone happy at the end so know that these are out there um whether I'm looking at this to see change management could be maturity again out of the box it's a push button it's kind of a no-brainer if you want to add that to your phase one it's more of a probably appetite for how much your remediation owner team can take on uh remediation owner those people that are doing the remediation exception configuration again it's set up out of the box once you plug in your um approver names to the approval groups the workflows are already there ready for you to use it's a matter of if if their appetite allows them to have that go into place definitely beneficial for you to have recognize which of these remediations are not able to be met by a Target date notifications for vulnerability response there is um I would say uh a give and take on notifications understandably you're not able to send a notification out when anybody gets assignment group gets a vulnerability you're having that come in nightly their email it's going to be no no it's not going to be actionable there'll be too many so the way that you notify with vulnerability response is needs to be very mindful thinking of that uh volume of data that comes into this particular application um it should be more of a training of the remediation owner to know that they should come into their workspace every day and have that be their Norm for seeing what work is there for me today not looking for that email to be their trigger to go look at their workspace that that should be going to that workspace to see their work should be the way that they get their notification so it should become their habit more so than you proactively giving them an email that says you have work I guarantee they have work I haven't found a a customer or a client that has no vulnerabilities and no uh teams have you know action to take so so um it's a known if you're a CI owner chances are pretty good that you have a vulnerability that you need to look at to remediate uh report configurations again at the ease of that um being out of the Gates giving you a ton of out of the box most common reports that customers are using um that for getting a PA report set up we have scheduled jobs that are ready to be activated to collect your data so again giving you a lot to start from it's a matter of you know where you want to start how much you want phase one to be what's your timeline you know to say where are we starting and what are we going to do in the first three months versus the next three months and you know rolling out and maturing over time um options for you to consider and dashboard configuration um this is almost one that is changing as we get more workspace heavy knowing that our future is in workspace we have dashboards that are are retiring because of the capabilities that are coming into workspace for homepages to be able to represent you know the data that's giving you the insight to know where your action needs to be so this side could almost it's getting close to being revamped and having that dashboard probably changeed to more of a workspace setup so like vulnerability Response Security incident response has these same them um but one of the benefits being in the platform and knowing the platform it is the continuity of how everything works you know installing the applications regardless of the application it's going to be the same you're out on the store getting it um the user Persona the roles getting those assigned to groups all of that is consistent as you go from one application to the next so as you become expert it's you know the same and one of the benefits of the platform right so uh access restrictions Social Security incident has um a uniqueness from vulnerability response mainly be because of the sensitivity of the data the access restrictions for security incident response actually allows you to even minimize uh platform administrators from getting into this solution and getting into this data normally platform administrators have access to everything on the platform and they can get in and do anything that they need to do um security incident is the one plugin that is the exception so you need to decide as an organization where is your control as a in Access understandably you know least access is the general rule does that include the platform administrators when it comes around to security incidents so that's a unique decision for this particular application again integration setups likewise bringing your data in you know automating that creation of incident um whether or not there are cmdb updates again the cooperation with your cmdb team for these Solutions because of the value that that cmdb and the attributes that are maintained on that cmdb being right um play back out in your your calculations for risk um and determining priority of work so you know is it external facing it is it a a server that hosts a crown jewel application so all of that cm DB particulars really play into the benefit of what these Solutions can bring to you I don't want to say it's the end all because you can have that automation of data coming into this these Solutions and have that understanding of what's out there and getting that single pain of class you can still do risk calculations without those particulars if those aren't in your cmdb yet with other things in Rel relation to you know the incident itself uh recognizing the hardware still is going to be valuable for security incident VR you have other um attributes that can weigh into that uh risk calculation but I don't want to overinflate that you can't do anything without the cmdb you can do more with the cmdb and as the matur maturity of the cmdb comes you can do even more but it's it's not a showstopper if your cmdb isn't pristine none of them are don't have that be the reason why you don't start there is so much value in the automation that these tools are bringing you that should not be the reason why we got to wait so going through the story themes um you can read it as good as I can um they're intended to go in order of understanding of you know where are we going to start how much is going to be phase one um on through to your dashboards or setup of workspace again these are available out there in now create which we'll be sharing with you later so here here is our slide this is the one I was thinking might be coming after I talked about the uh expert services or Partners being a part of your journey um we do have uh resources available to go out and find the partner find a partner that has certified security implementers um and I do want to emphasize that we have a wonderful partner Community we couldn't be who we are without them out there assisting Us in helping customers get their applications up and running and matured tuned whatever it may be they are invaluable but I do want to emphasize that these Security Solutions have uniquenesses and so as you're looking for a partner looking for those that have the certifications in the tools that you want to be implementing so we do have that capability as we look at Partner Finder um so again want to be emphasizing that you do want to look for those Specialists they will bring that experience that will expedite expert Services again available for you to have um an Outreach working with your account team they certainly comp you into our resources that can get an understanding of what you're looking for whether your guidance is just an advisory working alongside the team that could be enough for you or are there additional hands on keyboard do we just not have enough for what we want to do we can bring those resources in as well um so you decide how much you want to have them play in a role of your implementation plan there are packet services that you can look at to have that be your possibility of your scope of work and additional resources um yeah like I said ex extra feed on the street when you're doing your project uh you decide how much or how little they can help you and I'll create so we talked about the story themes there are little literally starter stories out there um in a in a spreadsheet for you to uh work from um the quick guide that that gives you a step by step on step one activate the plugin trying to make it as easy for you as we can to be successful in your journey we are sharing these with you your process guides maybe it's a process Workshop that you're going to run to understand what your requirements are we provide a deck for you to guide that Q&A of what do we need to understand and flesh out in our requirements so we can get moving forward with our configuration to hit our mark on what we want from these tools out of the gate or in our maturity so I don't want to minimize how much is out here because it's a lot in having you be successful scoping guides all all of this here process guides for you to share out with your teams for their them to understand not just not just usage some of it is process and the decisioning that you're doing as you're working with the tool and knowing what that process is intended we give you a starter template for process guide kind of an outof the-box idea and then you can just customize that as it relates to your organization's uniqueness you know business strategy and intended use so leverage that it it's kind of your own uh Consulting team um in getting you started for sure all right thank you so much Elizabeth um we're gonna move into our final section um just a reminder to go ahead and add any questions into the Q&A or chat um we'd love to answer them before we close out and anything that we don't get to we'll definitely follow up with you so we do want to a little bit of time on why you should begin implementing security operations if you haven't already and what kind of value can you expect to see by getting started so I'm going to open it up by launching our last poll of the session here and this is just looking at what are your top desired business outcomes um accelerate response to security incidents perhaps you're more focused on critical vulnerabilities uh or reducing security incident resolution effort or reducing your attack surfice or maybe all of them which is also fine if there's any other ones feel free to add them in the chat as well we' love to hear from you and we'll keep it open as we've still got some people responding and some responses coming in looks like a little bit of a stronger focus on accelerating response to critical vulnerabilities um with some interest of course in security incident as well so very interesting for sure I'll go ahead and wrap up that poll there and we'll continue forward um and we want to say you know good news because you can really eventually get to all of those things depending on your priorities and how you're phasing your implementation um and our customers have been able to achieve these types of results and pretty quickly so within six months of going live as well so we we can see in many cases analysts are closing almost two times the number of security incidents on average at just six months of usage um and cutting meantime to remediate a vulnerability in half in just six months and so even our best-in-class customers are getting results that are even greater than this so we want you to know that these are the types of results that we're here to help help you achieve and to add more to that we do want to say that at service now our security team is customer zero and we ourselves have moved from using you know manual labor intensive processes to respond to vulnerabilities uh to using vulnerability response leading to over you know 99% accuracy in assigning vulnerabilities exceptionally High SLA attainment and 85% gains in productivity so really great results for our internal team and similarly with security incident response our internal security has gained a lot of value moving from manual processes to being able to prioritize alerts and automate their processes uh leading to huge cost savings and thousands of hours Sav so again we are active users of our product and we're constantly working with our internal team to implement new functionality and reach even more results U but when it comes to getting to these types of results you know Elizabeth talked a lot about the you know implementation side and it's really you know a good starting place to set your vision and your outcomes and these are just some of the examples of the types of outcomes that you can choose to prioritize in your implementation and many customers will initially select one or two outcomes that relate to their biggest you know key challenges to prioritize those first and to be able to select the appropriate corresponding metrics to measure their progress again that we shared a number of resources on now create and there's also a post that we'll share in a little bit in the community that can also uh help you because it does list out a number of these as well and so as you explore the value that you can get out of your seops applications and create that vision for your organization we'll take a look at these three resources before we close out today so first we have the customer success Center which is really your One-Stop shop to search across all of your service now resources um find leading practices resources tools calculators events Etc and you can learn more about the now value methodology which is a framework that helps you envision create and validate value from your service net products on that note one of the resources that's within the customer success Center that can be really useful is the value calculator it's a really you know simple tool a quick and easy way that you can see the annual business value that you can achieve using service now and specifically in our situation uh SE Ops applications so you can look at you know the value of multiple different solutions at a time or you can just sort of narrow in on security app operations which we've shown here in the uh screenshot that's a great one to check out really simple easy tool especially if you're you know determining what your kind of like creating that value proposition right for getting started now what if you do have service now impact so a lot of customers will have service now impact um as part of their their package and this is really a value acceler a solution that's designed to maximize the value that you get out of your investment with service now there are a range of different packages with different offerings and this slide sort of shows a little bit more detail around the possible offerings that you may have access to so this is you know the total package with the full range which includes things like having a designated Squad value recommendations additional technical support and special you know discounts on things like training and expert services so if you're interested in more about service now impact you can certainly reach out to your account executive or customer success manager um so we just want to wrap things up again feel free to throw any additional questions into the Q&A uh this is just a summary slide of some of the key places to go for more resour resources that we've been sharing throughout um I mentioned we're going to be posting the recording of this session and the links in the community so I did share that link earlier but that'll be in the event posting within the community before we close out again I want to invite you all to our inperson customer event in Santa Clara this is called connect SEC security symposium it's happening on September 24th to 25th it's a free in-person event for security operations customers we'd love to see you there so please uh feel free to scan this QR code and find out more information and register online and we'll also share that Pete has shared that in the chat the link to register again would love to see you there it's it's almost like a mini knowledge it's dedicated specifically to the security operations so you're going to have the opportunity to meet with you know product managers product success from service now as well as actual security operations customers who are sharing their real stories of their um you know Lessons Learned successes and everything else so please register and this again has been part of our live on service now programming so we'll have additional events throughout the year and we do have an office hours event next week so please join us for that where you you can um have an open Forum to ask any questions that you want and learn what other questions people are asking and share best practices now we do have time for a little bit of Q&A for any additional questions I did see one come in that got answered already um let's see if anything else has come in I know one of the questions we often get is around the CMD the maturity and how mature does it have to be to get started and Elizabeth already went through that which was awesome another question we sometimes get is sort of how do we know you know what sort of Integrations are available so one of the things I can just pull up quickly is the service now store which is another really great uh resource and place to go we didn't actually specifically call it out today but um popping open or. servicenow.com and then searching for security operations you'll find all of the different apps and solutions and Integrations that are available you can also search by integration name and you can see sort of which is developed by service now or by one of our certified technology partners and so this is a really great uh place to get more information about what is available what is out there um and oftentimes it'll be additional you know supporting documentation as well for the different applications I'm going to dig into this a little more you happen to pick tanium in ation I don't know that this is fleshed out as much in looking at the menu that's available on the right why don't you pop back to one that we developed I know that it will be fleshed out then um so I want to point out that when you take a look at that version there's other application versions and if you click on that just giving them the Insight of how much information is out here you'll see the release notes and the dates that each of the prior versions had and what they were bringing to the market so closing out of this understand you could view details that takes you over to Doc specifically when you go down to Ling requirements oh I what this is what I want to do is go over Instead This is what where I used to find it under product details in the center of the form you can also go over to the dependencies tab because a lot of people always wonder what do I need to run this application and those are additional insights that the the store Page is bringing to you so I want to just make you guys aware that it's not just the description of the product itself the links here are also bringing you a lot of information and understanding about what this product will bring to you so take a look at those as well as you're out there exploring and looking to understand a particular Plug-In or application yeah that's great Insight thank you um let's see we'll give it another minute and see if any other questions do come in but I do want to just thank you all for joining us today and we really appreciate your time if you do have a moment to complete that survey when we close out today that would be great we love getting your feedback and making these sessions as valuable as possible for you doesn't look like anything else has come in so we'll probably go ahead and wrap things up for today's session and again thank you so much for joining us and we'll have this recording up at the link that I shared in the community um in the coming days thanks everyone