NJP

Uncorking ITAM Excellence - IT Security Meets IT Asset Management

Import · Aug 28, 2024 · video

Hello everyone, we're going to give it a couple minutes to get everybody in, uh, in the session. So go ahead, if you're, if you're already in, drop in the chat where you're calling in from. Love to hear where everybody's, where's everybody's reaching in. Costa Rica, all right. And if you haven't been on any of our sessions prior to this, the song that I'm playing is kind of our adopted song that we've, we started with around asset management. It's the AI-generated, uh, song, so I'll drop in the chat the link to it if you're interested in, in doing, using it later on. Oh, I got somebody from Houston, Texas; Maryland; Virginia; Dallas, another Texas; Pennsylvania. Awesome. All right, give it about another 30 seconds and then we'll get started. California, St. Louis, Phoenix, Dakota North, Michigan. All right, looks like everybody's from the US so far, or Costa Rica. Well, first one put in there, so he's the, you, unique one. I'd love to see if anybody else outside of, uh, the US. Maybe Seattle, yes, I was there earlier and, um, loved, loved the view and, um, everybody was super nice, so, uh, I definitely will be planning on going back to Seattle soon. Was there for a workshop earlier this year. So another Costa Rica.

So, all right, well, we are going to go ahead and kick off our session. Um, again, thank you for joining. Um, we'll do some introductions. We have a new guest, or a special guest, joining us today, and, uh, Rich actually won't be on the call, so I'll start with myself. My name is Michelle Campos and I'm an ITAM solution consultant here at ServiceNow. I joined ServiceNow a couple years ago from a practitioner standpoint, so I was a customer of ServiceNow using asset management, both hardware and software asset management, um, uh, and managing teams that were, uh, using the, the data behind the asset management. Uh, Rich, who is my partner that does, does these sessions with me as well, is actually in Chicago today. We had the Chicago Summit, um, so he's there doing a workshop, uh, and, uh, has dropped in some, some notes to me to tell everyone he
says hello, so, um, that he will be back for our next session, and we'll talk about what that next session will be. Um, and then I would love to introduce Tim. Tim, do you want to take a moment and kind of introduce you to the, to the guest?

Yeah, absolutely, thanks Michelle. Um, hey everyone, I'm super excited to be here today, uh, with Michelle doing this webinar. So my name is Tim Wormwood, I am an advisory solution consultant here at ServiceNow and I specialize in, uh, ServiceNow security operations offerings. Um, been here about, about a year and a half, and before that I was, I was at a customer and I was a security practitioner. So I was a security architect and, um, I focused on identity, cloud security, and I did, you know, a lot of, um, every security professional's least favorite thing, which was writing security policy as well. So super excited to be here with you for the next hour.

Policies are so much fun, let me tell you. I, I know from the ITAM perspective all about it. But, um, the, the great thing about having Tim here, very similar to Rich and myself, is that we've been, he's been in those pain points, right? Um, he understands the importance of a, a good security practice, he understands the importance of ServiceNow and bringing, um, the holistic data set together within asset management. We'll kind of talk about that, uh, but just knowing that we've been in your shoes, um, should help you with understanding where some of the conversation will be coming from.

So, safe harbor: um, we don't have anything in this, in this session, uh, that's looking into the future, but if for some reason we were to talk about road maps, uh, we will definitely let you know, and just be aware that those are things that were forward-looking statements. Um, and then just to kind of give a little tidbit, we will be doing a session about the Xanadu release and some of those things that are coming within asset management. Um, it will be probably another two months, um, so not next month but the following month. Um, but in the meantime keep your
eyes open, there's going to be definitely recordings out there to show you what's coming out.

Um, we'll jump into the agenda really quickly and then the good part of the wine. Um, so really, really to understand what we're going to be talking about is, you know, how does ITAM support SecOps? Um, and that's not necessarily just within the platform but just overall, some of those policy procedures, right, or we'll start noticing some of the overlap and, and understanding how SecOps, um, utilizes some of the asset management, uh, inventory for, for securing their assets. Uh, and then the second: why is it important to manage those assets where you manage vulnerabilities? So getting more into the platform play and understanding why ServiceNow, um, managing your assets where you manage your vulnerabilities is important and how ServiceNow can help, help you with that. I'll jump through a very quick demo with the, uh, end of life, end of support reporting capabilities that are offered within HAM and SAM, um, just showing you the reporting that we provide and how it can be useful, um, again, by the SecOps team. Um, and then Tim will actually take a little bit more of a lead and show you some of the demonstration around zero-day exposure in the assessment within ServiceNow. Uh, we'll end it with upcoming events, some of the workshops that we have going on, uh, that you might be interested in. We'll stop the recording as we always do, give you the ability to ask questions either through Q&A, um, or come off mute and feel free to ask us, uh, live.

Um, I guess, you know, kind of housekeeping rules, or housekeeping: if you have any questions, drop them in Q&A. If you have any, you know, tidbits or anything that maybe you've run across, because we're all, it's definitely a community here, we want to have you, you know, kind of come in and chime into different things that, of how you're using something, maybe if we're talking about it, feel free to drop that in the chat and communicate with us.

So this is the wine part, Tim. Um,
we're gonna get to, to try some wine. Um, I, as I say each and every time, if you've been on each one of these sessions, I'm sorry for repeating myself, I'm not a wine connoisseur. I enjoy a glass of wine every, every now and then. Probably every time I'm on here is each time I'm having a glass of wine. Um, I don't have them too much outside of here. I'm definitely looking to get into the whole vineyard thing and the experience behind the wine, so I'm hoping to kind of get into that when things cool down. I am inside Houston, Texas, um, and I think we were close to that 100 range, um, as far as temperatures go, so I'm not going to be sitting outside enjoying wine. Um, just not my, my cup of tea. But, uh, Tim, if you want to come off mute and talk about the wine that you chose, and then I'll go ahead and launch a poll, and if you can make some suggestions, anybody out there, different wines that you like, um, so we can utilize those later on.

Yeah, absolutely. So I too am not a, uh, I am not a big wine person. My wife is the wine drinker in the house, so I'm much more likely to get a, uh, like a nice, uh, hazy New England IPA. Disclaimer: I live in Upstate New York, so if you're not familiar with what a New England IPA is, it's like a slightly fruity IPA that doesn't give you a killer hangover the next day or a headache. Um, so my wine, I chose, uh, Vint, it's a Robert Mondavi and it's a Cabernet. Um, what sold me on this is that it was aged in bourbon barrels, so I think it's going to have some interesting, uh, flavor notes. So definitely looking forward to trying this out.

Love it. All right, so there's five, you have to try in front of everybody, so if you make a face they're going to know, know instant you like it or you don't like it.

Oh, so I, like, real time, have to pour it and try it right now?

Yes. Did you bring a glass, or you gonna let us know how it was after the call?

I have a glass. I'm gonna, I'm gonna pour and sample right now.

While you're doing that, I'll go ahead and talk about the wine that I chose, um, or I guess I should
say my husband chose, because I was running last minute to this grocery store and I begged him to pick up something. Um, but it's, it's called San Antonio. Um, if you're any familiar with, you know, Texas, we have a, a city called San Antonio, which is one of my favorite cities to, to go on the River Walk and enjoy a nice stroll, um, and maybe a couple drinks. Um, but he picked it up because I've been begging to go back to San Antonio, so that was his kind of influence behind it. But this is strawberry and guava. So what did you think, Tim, did you like it?

Yeah, it was good. You definitely taste a little, uh, little, little bourbon flavor in there, which is okay with me, so I'm a fan. Side note: no wine in grocery stores in New York State, that's like a law here. So inconvenient.

I forget about that. Yeah, we have family in Baltimore, and every time we try and go get wine or any kind of drinks, right, there you have to go to a separate store. So here in, in Texas, yeah, you are allowed to, there's specific alcohol that they're able to sell, um, probably not the hard-core stuff but more of the wines and things of that nature. So this one's definitely good. Um, not as good as the chocolate-flavored one I had last time, uh, definitely a chocolate fan, um, any kind of chocolate, but this one's definitely good. I, I will definitely have a couple glasses.

Um, so let's start diving in. Anybody that's again joining this session, they understand why we're doing this webinar series, but each month we do a session where we deep dive into specific areas of asset management or, as we're doing today, Better Together stories with different products on the platform. And it's really just to help the practitioners, it's to help the people that have the hands on the keyboards that are trying to do day in and day out tasks around, you know, like I said, asset management, SecOps, things of that nature. Uh, we just, we were practitioners, we understand the pains of, you know, trying to keep up with changes and things that are being released on a regular basis. So
our goal in this is to open it up and have kind of a community where you can come in and learn different things, we can do a deep dive into that, but really just making sure that we're helping our, you know, the customers that are interested in, in understanding and learning different things within the platform or within our products.

So we talk about asset management, and you've all heard this, we really in this session, in this specific, uh, webinar series, we, we stay focused within software asset management and hardware asset management, and then today we're going to talk about SecOps and how they kind of relate back together. So this is just kind of a visual of, of where we'll reside today, um, when we're talking about it, and the reason why, right?

So the reason why we want to talk about security: um, one, this was one of the suggested topics that, um, a few of y'all had voted on in previous sessions, so we appreciate that. But two is, a lot of the, you know, reporting and, um, metrics that received back is security and asset management go hand in hand. And I think Tim can really kind of relate to this as well as myself, is I can't tell you how many calls or how many meetings I had where my CISO was not involved in those meetings, right? And the reason is, is because a lot of times we needed to relate and, and share information and understand what policies I had in place versus what policies she had in place, um, and making sure that we didn't have any gaps within those policies that could ultimately expose us to vulnerabilities. Um, so really when you are talking about security, um, it's how, you know, how do you secure your assets, right? That's, that's the, that's the goal.

This is a, a, uh, a poll that we ran. We had, we didn't have it run, we had a, a company run it for us, uh, against, uh, all different customers, not just ServiceNow customers, and this was one of their responses with, what, "Which business metrics are you, are used today to measure a successful ITAM program?" And if you look at it, 46% of those
customers said security risk, minimizing security risk. Anything you want to add to that, Tim? Any, any...

Yeah, no, I think, I think, I think you're spot on. There's a significant overlap between having a, a robust, um, asset management program and a robust security program, because, you know, we don't care about barcodes on devices and what stock room they're in, but we do care about the data that's stored on them and ensuring that we know the software that's installed on them, that software is up to date. And, um, you know, we can't, we can't secure what we don't know about, and there's often significant visibility gaps in, in, or in, in enterprises, um, that a good ITAM program can, can help alleviate those gaps.

Yeah, you stole my thunder, my next slide, so it's as if you knew what was coming, right? But truly I can't tell you, or I can tell you, at least twice with customers I've had a CISO say this comment to me in some form or fashion, right: "But I can't secure what I don't know about." Um, that's true, it's true. Um, if you didn't know that there's, you know, a, a laptop that's on your network and is trying to, you know, come in and do harm to that, to your network, um, how are you supposed to secure it, right? So there's different things that you can do from a security stand, I'm not going to be that specialist to you, feel free to do it, but having a true inventory helps minimize the work that security has to do to make sure that, um, they're putting in all those, uh, those rules and regulations and, and identifying things that should, should or shouldn't be on that network.

But when you talk about security, and I actually would like to bring up an example: so I was at a, a workshop recently where, um, one of the customers asked, you know, "Well, how, how do you do vulnerability management within the platform? Because, you know, my SecOps team," and this was the ITAM manager, "my SecOps team is, is relying on me to provide them with some, with some information, and I don't feel like I'm security, so I shouldn't have to provide that to them."
And I was like, whoa, whoa, wait a minute, you know, like, you all work for the same company. You want to make sure that you become good friends with them, right? Because security can make your life a pain in the butt if you don't, right?

So they can, yeah, yeah.

Right, like they, they, that's what they live for, is, is definitely making sure that, you know, we can't do our work as we need to do it. But it only makes sense, and you'll hear, you've heard me say this time in and time out, is bringing the stakeholders to the table, and security is going to be one of your number one stakeholders. Finance, I say, is another, another one, legal is another one, but security, building that relationship between the asset management team and the security team is going to be very important. And you can see here how some of the overlaps between the two, right, and how you want to make sure you can get that great relationship.

Yeah, that's a great slide, Michelle. I just wanted to point out, like, I saw a lot of points there that, like, even like, um, you know, disposal and compliance, like, that, maybe that's one of the less, uh, glamorous areas of security, but ensuring that assets are run through the life cycle, um, you know, appropriately, and at the end of their life, you know, I've worked for companies where, like, the drives had to literally be pulled out and shredded.

Yeah.

So, um, you know, that, that, that isn't, like I said, not really super glamorous, but very important part of security and compliance, and just being able to track that, fantastic.

It's actually kind of fun if you've ever sat and watched them shred some of those hard drives, it's pretty cool. So, um, I've, yeah, I worked for a company, I worked for a financial institution where we actually had disposal vendors come on site. They would bring a truck on site and dispose of hard drives, um, so that way we could get compliance, you know, the certificate of compliance, um, on hand, and things weren't ultimately getting out of hand and we weren't able to track them. So, uh, but that's the
difference between a security guy and an ITAM girl, right? Security guy, like, doesn't want to watch it. I'm like, oh wow, like, watch it, watch it get all crushed up. So it's pretty cool, it's pretty cool. The policies now, on the other hand, yeah, they can, they can definitely be annoying at times, but there's a reason that they're there.

So when we talk about why doing asset management and SecOps, you know, security operations, on one location, on one platform is important: if you look at this specific statistic, it talks about incomplete or siloed, conflicting or inadequate asset information has an effect on your organization. If you see number two, 177%, it puts security and compliance at risk. So we want to make sure, again, not just from a financial perspective, because if you get, you know, if you get these vulnerability attacks, yeah, you're going to get penalized, yeah, you're going to have to notify your customers and possibly put some financial, you know, ramification behind it, but the worst thing is your reputation. It takes, you know, it takes years to build good reputations and having customers build good, or having, you know, having your business build a good reputation, but it only takes minutes for it to go away. That's another kind of quote that I had seen on the back end. But, um, yeah, it, it's really important, so we'll keep talking about how ServiceNow can help within that space.

So if you talk about the life cycle of an asset, um, because asset management is that life cycle, right, that's, we're trying to track the life cycle of the asset. You can see here, you know, we have it all the way from, you know, the asset request to provisioning to, you know, the operations of it: is it, is it on, is it alerting, is it, is it broken? Um, and then you can see up here we have the vulnerabilities, right? So this is where we're going to really stay focused today, starting to talk about how we can make sure that those vulnerabilities are minimized and how to take actions on them when you need to. But the beauty of the platform is we can
meet you in all these spaces, right? Every single one of these bullets within here are products or functionalities that we have within the platform to make sure that you have a holistic view of what's going on within the asset itself. So keep that in mind.

This is some examples of different areas within the life cycle that we can, are kind of the better together. So you can see here the request is asset management and ITSM, so is it, you know, are you requesting that through a portal? Um, onboarding employees can better together with, um, HR. Um, ITOM, keeping visibility into what's going on and automating that visibility. And then you can see here in that monitor piece we have SecOps, right, so that vulnerability. Um, but these are some of the examples of those Better Together stories, so keep this in mind, because, uh, we will launch another poll at the end, and if there's an interest in some of the better together, um, definitely put that in as far as a suggestion for future conversations, and then we can do this with another person on our team and, you know, have a specialist come in. We have done an ITOM one, uh, with Will, and that went over really well, lots of, lots of, lots of questions and engagement, um, which is out on our website, I'll show you in a moment. Um, but just keep, keep in mind these different talk tracks, and if there's something of interest, definitely keep us, uh, keep us in the loop and we'll make sure that we can get to it.

So really quickly, I'm going to take a moment and, you know, jump into my instance and show you some of the end of life, end of support, um, reporting that we provide within the content service. Let me jump into the slide really quickly. When we talk about the content service, there's two, kind of two components of it. So there's the normalization feature that we provide, and then there's the library of data that we're providing, and the thing that we're going to specifically jump in today are the life cycle dates. So these life cycle dates are specific to what's been released
out there in the industry to specific publishers, or manufacturers on the hardware side. Um, these are not dates that we're making up, these are dates that have been, again, publicly released, and we're basically collecting that information on our, a ServiceNow team, we're collecting that information and then updating the library, and that feed comes into your instance on a weekly basis.

So what I'm going to do is jump into my instance quickly, as my phone goes off, my boss calling me, checking in, checking up on me. Um, so I'm in the hardware asset, and we'll jump into the software asset as well, but this is that hardware asset overview page where you can see, um, you know, the high-level reporting and what's going on in your environment, things that you have to take action on. But if you scroll down, you'll see here we had the hardware model life cycle overview. So this is, this is a report that you can drill into. We'll, we'll go ahead and drill into it here, and there's another way to get to it and I'll show you here in a minute. But you can see here these are all the models that I have in my environment. This, I specifically clicked on end of life. Um, if you want to remove end of life and get a holistic report, you can do that as well, remove the filter. Um, but for this we, we can see we have one that's really, really old. Um, we would hope that you don't have this in your environment, but I think Tim and I both know that we talk to customers on a daily basis that do have really old equipment in their environment. So, um, here you can come into this specific hardware model and I can see all of my assets and where they're at. Um, so at this point maybe I would take, you know, take action on these and, you know, start working to refresh these, get these out of my environment, um, and, you know, move forward with it, right? And Tim will show you how he's going to leverage some of this information on the software side to, to do his, his reporting. But you can come in here and, and drill in. You know, if I wanted to
look at the next thing that's coming, that's not currently, um, out of life, we could take a look at this Dell PowerEdge. Um, again, I have my assets here, um, I have my life cycle here, so this is giving me all of the life cycles to this specific model, um, and you can see that it's going end of life 2025. So now the important thing is, is you're now becoming proactive instead of retroactive, and you can start taking action on these items prior to them going end of life, right? So let's help the Tims of the world, let's help the security teams of the world, refresh, get those assets out of the environment, and ultimately reduce that exposure to vulnerabilities for things that are, are not, um, no longer patched.

So if you look here, for anybody that's not familiar with this, this is the actual report itself. So if I wanted to go to this table, I can go to the filter navigator, enter it in, um, if you do capital LIST, it'll open up a new tab and it'll bring me to the same report, um, with all of the information as well. So different ways: if you prefer the table view, you can do that; if you want to use the workspace view, which is what this is called, you can do that as well. And, um, this information is exportable, so you could have it on a one-time download, you could have it scheduled on a, you know, a monthly basis, on an annual basis, quarterly, whatever you want, um, and schedule that out to your different team.

If I go over to the software side, again, I'm on that overview landing page, so I can jump in here and I can come down here and the products that are end of life and end of support. So if I jumped into end of support, I can see here Microsoft Word 2011, I have three installs out there. Um, I can see when it went end of support, so it looks like it's going, um, end of extended support in October of this year. If I wanted to get into that information of what's actually out there and installed and where it's installed, I can come in here and see that, which specific device is installed on. So that's again just another way
to get to the reporting, and then, the table view would be this samp_sw_product_lifecycle_report that you can get to the table view if you wanted to do that, exportable as well.

So that's just a quick overview of some of the functionality that we provide to you out of the box as soon as you opt into the Content Library. Again, this job is run on a weekly basis, so this information will be populated into your instance, um, for you to start taking action on it real time. I'm going to jump back into the slides, let me scroll down. Looks like, Tim, you're next, so you want me to go ahead and just stop sharing and then you can take over?

Yeah, that's perfect. Okay, I just have a little commentary on all of the end of life, um, you know, availability as well. So when I see, you know, OptiPlex GX280s, man, I remember deploying those right out of college, like hundreds of them. Um, it, it really can be, it, it, like, even, you know, end of life software is one thing, right? So when I hear end of life software I think vulnerabilities, right, software that's no longer receiving security updates, meaning that, you know, threat actors can go out and find vulnerabilities and find a way to break into your, into your stuff. Um, but there is a risk in also running, and it's maybe not a SecOps risk, it's more a business risk, right, but running your business on, like, you know, 15-year-old servers that are outdated, are not getting firmware updates, maybe you can or can't get, um, components, RAID cards, uh, drives, whatever you might need for them. So that, that, that is still part of the broader, like, risk umbrella, right? Um, so, you know, you're, your, your security folks may not, you know, maybe won't be like, "Well, there's a vulnerability there," but maybe there is, right, the firmware is not getting. But yeah, you know, in the least, like, for both of those scenarios, right, end of life software and end of life hardware, um, based on my experience as a practitioner, you know, there's going to be a risk accept-, acceptance process that folks are
going to have to go to. You're going to need to document why you can't upgrade it, why it's still out there, why you're running production on an OptiPlex GX280 under someone's desk. Um, you know, you're going to have to provide, like, a, you know, probably to work with your teams, compensating controls, right? Maybe there's a spare GX280 under your desk, that's not a good compensating control. But, um, you know, that's, those are things that your leadership is going to want to be aware of and have visibility into, so the ability to see that's really cool.

So yeah, yeah, running business as usual, right? Like you said, maybe it's you can't even get parts, or you can't do upgrades, or you can no longer support applications that are on there, and then now all of a sudden you're at a frantic stage where you're trying to figure out how you're going to make things work, right? I talked to customers on the software side, 2012, where it was like they had no idea, and then they were supporting other customers where it was like, it was just a, a sporadic chaos to go out and figure out how they were going to ultimately upgrade everybody. And when you're talking about servers, it's not an overnight thing, right? It, it takes time, developing, figuring out, testing, all that. So good point.

And especially if you haven't, like, built your environment, you know, to be, uh, redundant, right, so you're talking about outages, a lot of planning. Um, I've been there personally as an engineer, like, just having to deal, all from that. So, uh, as a practitioner that, that, that cuts me deep. I feel that pain, like, I've been there. It, it's not fun.

So, and that's funny when you start getting goosebumps because you start going back to memories, you know, yeah, uh, um, regulations and audit, regulatory audits were the ones that give me the goosebumps. I'm like, ah, don't put me back in that world.

So yep, 100%. Let me know when you can see my screen here and I'll, I'll kind of start running through.

You're good to go. Awesome. If you all have any questions while he's running through
this, feel free to drop them in the Q&A and I'll do my best attempt to answer them. If not, we can definitely answer them after we stop the recording too.

Cool, all right. Um, yeah, so I'm gonna, this isn't going to be an exhaustive deep dive into, into VR, we don't have enough time for that. Um, so, you know, uh, that, that being said, the, the super 30,000-foot high-level view is that, you know, vulnerability response is one of the SecOps modules that ServiceNow offers. Um, you know, vulnerability management, you know, running a vulnerability management program nowadays is fully a team sport. Um, you've got your security teams, uh, scanning for vulnerabilities, monitoring those vulnerabilities in your environment, figuring out, you know, what, what do we want to focus on, and getting those things, uh, kind of thrown over the fence to IT traditionally for patching and remediation. So, um, with that in mind, you know, VR is designed, it has two workspaces out of the box. So we have our vulnerability manager workspace; there is also a secondary workspace for your IT remediators that's much more focused on getting things, um, you know, in, into change management, uh, you know, providing solutions and, you know, orchestrating patch deployment so that folks can, um, you know, remediate more quickly. So we're not going to go into the IT remediation workspace today, just because of the, the scope of this demo, but this is the vulnerability manager workspace.

So, um, what we have the ability to do here is, let's use a scenario where we have a zero day that's come out. Um, and, you know, these are, these are becoming more and more common. I'm sure you've heard of some of them over the last couple years: Log4j, uh, I personally was, like, boots on the ground for Log4j in a practitioner role, I still have PTSD from it. Um, you know, SolarWinds, uh, MOVEit was another big one a couple years ago that came out that everyone was scrambling and running around like crazy trying to figure out their exposure and, um, you know, pulling logs to see
if their systems have been accessed. It was crazy.

Um, so, so for the, in this, a sample zero day, right, um, we don't have a CVE, uh, or maybe we do, right, that can depend. Sometimes these things come out and there is not a CVE yet, but, you know, maybe there is some guidance from the, from the vendor around compensating controls, or maybe you need to get a group policy created that pushes out a registry change to, to fix all your workstations downstream. Um, the problem is that your vulnerability scanner is not going to know about it yet. So your vulnerability scanner is going to rely on, like, a signature, like an EDR or antivirus solution, um, but then it also needs to scan your network, and, um, scans of networks can take days. Uh, I've seen scans of networks take weeks. Uh, and this can really vary very widely based on, um, you know, the types of scans you're doing. You're, uh, maybe you're not allowed to scan certain network segments during business hours because it might slow some processes down. Maybe you have to wait for a maintenance window on a Saturday night when no one's working. Um, I've seen all of that, and, uh, it's very true that it can take days or weeks to get a full scan back and get the data imported.

Um, so in the case of those, you know, zero days that I mentioned, you know, there was really an urgency to hit the ground running really rapidly, get ahead of it, come up with a plan, get your compensating controls in place or your mitigations in place. And this is where, um, you know, the better together story is going to come into play, and that's having the ability to do an exposure assessment from within the vulnerability manager workspace and leverage the SAM data, right? So we've got an accurate accounting of our software that's deployed across our estate, so we know the versions, uh, we know the, you know, the publisher and the versions that are at risk for the zero day. So what we can do is we can go in here, we can add, um, a new criteria for an assessment: publisher, product, um, if you know the version, which
you probably would based on a zero day is published you would punch that in and then it's going to pull that data back from from software asset management and we're going to come back with an overall count right so how many unique installations of the software exists in our environment and um what are we going to do with that So within within vulnerability response we're not we're not directly working with um you know configuration items or CVEs or actually the the kind of like base unit of work is called a vulnerable item um or a VIT you can see it says VIT creation count right here and at its core what a VIT is is the marrying of a CVE or a vulnerability and a configuration item so if you have a a laptop ABC with a vulnerability on it that's going to be its own unique vulnerable item and that that vulnerable item is what is used to drive through the entire life cycle of the remediation process so once you've got your software discovered here you've pulled it back into this workspace we've run the report the data has come back we can actually select it and we can go ahead and we can create vulnerable items here again we can select an existing or new vulnerability um if it's a new vulnerability you need to just put a CVE entry and a description here and what that's going to do is that's going to go out and then create these vulnerable items now I've already I've already gone ahead and kind of pre-created this for this uh you know sample vulnerability for SQL Enterprise 2017 and what this is going to allow you to do is now you're ahead of the game you're not relying on a network scan the data is there the vulnerable items have been created your vulnerability managers again knowing this is a high-risk vulnerability it's uh we need to get ahead of it really quickly they're going to go here and create a watch topic and so a watch topic is kind of like slicing and dicing vulnerability information you can see this can be really broad so we can have like any 
vulnerability on a Windows host or a Linux host or we could have you know the uh for specific Log4j vulnerabilities or in this case this one that I just created right so it's one specific CVE what this watch topic is going to show us is you know trending information over time how many of the vulnerable items that we created are in a remediation effort and a remediation effort is what drives that downstream work from your IT remediation teams we can see a list of configuration items that are associated with it uh are those internet facing probably wouldn't want a SQL Server being internet facing but you know that's that's a good data point to have right and that's a CMDB attribute that we can pull back and just visualize here for risk scoring so we can see the distinct vulnerabilities associated with it it was just one in this case and then how many vulnerable items were created so it was 88 we can see in this table um you know the vulnerable item number what the uh the CI classes it's associated with a summary of the vulnerability and the configuration item it's directly associated with so then uh and again I'm going to stop here I'm not going to dive into the IT piece of it but all you would want to do is your vulnerability manager is going to want to go ahead and create a remediation effort and what that's going to do is bundle up the tasks um you know based on how you configured the grouping within vulnerability response and it's going to send it over to the IT teams for remediation so that's just a great example of of how you can use that you know near real time to determine your um exposure to a potential zero day love it and we had a question in the chat which I've answered but feel free to give your perspective on it their their specific question was is SE part of software asset management or hardware asset management or IAM right and my response was no it's it's actually part of a different um component within the platform itself uh but 
what you're showing today is how you can leverage because you are on one platform you can leverage the inventory that asset management team is ultimately sourcing and providing versus it being in a silo tool or a spreadsheet right I like to say spreadsheets are a number one competitor in the asset space right but something out there outside not residing within the platform but if you're using it within the same platform that your security team is managing their vulnerabilities within they can ultimately source that data quickly what like what you showed right with that SQL Server um source that data in that inventory quickly and take action on it you're not waiting to reach out to the Michelles of the world or the ITAMs of the world to for them to export inventory you just start looking and stuff does that make sense does that would you answer it any differently or add context to that no that's perfect it's just like you said it's just a great Better Together story being able to pull you know unified platform unified data model being able to pull that information in in real time and not you know not have to wait for a rescan which is what you would have to do if you didn't have that data uh you know readily available right Goa a good question and again I want to keep encouraging people if you have questions drop them in the chat um you know we'll definitely make sure that we get to them Tim do you want to talk to us a little bit about kind of what you showed maybe summarize it or would you like me to keep going on to the next slide completely yeah no I can just I can summarize it really quickly so yeah exactly exactly I just kind of summed up what I what I was going to show here in bullet point so um what I showed was just the Better Together story between ServiceNow vulnerability response and software asset management you know allowing your security teams to uh manage their response to a potential zero day event um utilizing VR and some supporting workflow so 
we leveraged uh you know the exposure assessment within VR we leveraged that downstream SAM data to identify potential exposures and this is going to drive down your overall time to respond and remediate which are the two biggest you know threats in in a zero day scenario right getting out ahead of the threat actors and uh you know lastly just being able to leverage those cross platform workflows for the overall response process so um you know I showed creating vulnerable items as like a manual action so that's not within vulnerability response they're not manually created what happens is uh scanner data comes in and is matched against CMDB CIs with vulnerabilities and VIs are created automatically so uh but again we're not we're just showcasing how you don't need to wait for your scanner to come back with that data payload you can get ahead of this and and and you will manually create them but you're drastically reducing your time to respond yeah so different options right ultimately giving the ability back to the customer uh to take action quickly you leveraging and using the information that's already provided within SAM but if they do have you know up-to-date scans that are quickly able to pull in that information through automated fashion that might be a good option as well so it's not either or maybe it's both at the same time right depending on what you identify through the scanners thanks for the demonstration yeah no and there's a question in the chat can ServiceNow give information if a vulnerability is being exploited currently uh the short answer is absolutely yes so um you know within the within the SecOps modules right where we're not a vulnerability scanner we rely on the Qualys, Tenable, Rapid7s you name it to pull that information in but we also rely on integrations with like NVD and CISA so um you can definitely use like CISA KEVs are a very common uh data point used to determine if a vulnerability is known to be exploitable and you can 100% pull 
that into the platform and build that into your overall um your logic for sure I'm gonna I'm gonna be the stupid one on the call but some of that some of what you gave back right those the Tenables of the world those are agent based or agentless based discovery kind of capabilities on the SecOps team or SecOps side we can ultimately integrate those other two that you provided are those like security postures or frameworks or yeah our US security people love acronyms so in IT general right so NVD is a National Vulnerability Database so that is a it's um it is a national database of vulnerabilities and so we integrate with that um it's like a free feed it pulls in uh you know all the vulnerabilities that are known um and CISA is the oh boy I gotta think of the exact acronym but basically cyber security yeah I forget the exact acronym but CISA the CISA KEVs are basically a KEV is a known exploitable vulnerability so what that is is and and folks often use this to kind of curate down the list of vulnerabilities that they're focusing on in their environment uh so it's basically a vulnerability that is known to have an exploit right a lot of vulnerabilities that are out there are theoretical so like in a perfect sandbox in a perfect lab someone was able to exploit something but there's not a threat actor out there using it uh it is again theory um the CISA KEV bulletins are called are actually people are out there exploiting this in the wild oh wow so oh wow okay yeah okay definitely good points that you can bring in right into the platform so so you have a visual visibility instead of having to go out to their separate portals or log into that information outside of the platform so good call um did you want to talk about this really quickly or we should we keep going I I'll actually demo this quick think we have time for like a like a three minute demo let's do it all right let's see that's what everybody's here for nobody wants to see slideware and hear us talk and make jokes awful 
jokes but yeah love it okay let's just jump in here let me know when you can see my screen you're good all right so um so this is I'm just going to run through what security posture control is so this is another uh ServiceNow SecOps offer control is is it's going to allow you to to visualize and report on security gaps that might exist in your environment so um you you know you and the reason I want to show this is because this is really on the asset side right so you this leverages Service Graph connectors to pull data in so maybe some of the common ones that you're using to pull in asset data right maybe it's Active Directory, Jamf um or others what it's going to do is so we can pull that information in and so we can see right in this dashboard we've got a count of our assets um we've got our top five sources that are pulling in asset information what this lets you do is so you've got that asset information you're pulling in from those Service Graph connectors you can actually connect your security tooling via Service Graph connectors here and then you can start to see where you have gaps so a couple of the key insights that I'll just talk about I'll make this quick um these are like the top three is endpoint protection installed right so we've got a Service Graph connector pulling in you know all of our computers from Active Directory that are not stale right they've been updated within 90 days um but is our endpoint protection software Service Graph connector reporting those same assets and if it's not we have a problem right so we have a we have a a coverage gap here and the same the same it's really rinse and repeat across these other categories you know again pulling in uh assets from your directory but are they managed right are they getting configuration changes pushed to them are they being patched are they being you know actively managed or are they just sitting out there kind of in the ether so it's just really important data points to know from a 
security perspective and last but last but not least vulnerability scan coverage right so we've got that list of assets again but is our vulnerability scanner reporting it and um this is an area where we see you know I see in my conversations with customers and and in my practitioner days is is one of the biggest places for a security gap because there are maybe routes that are not correct on a firewall so your scanner can't get to the machines on those subnets or um maybe it's a sensitive device that can't be scanned real time um there is generally a an an overlap and a gap there so it's an important metric to be able to report on so um you have the ability to go in here and create far more detailed um insights and policies than I'm going to show in this demo there's a lot of metadata that can come back with these security connectors but you know since we're here talking about assets I did just want to kind of highlight this it is an important use case of overall asset visibility in the security space awesome appreciate that um so we did have a couple questions sorry I'm kind of trying to answer them but I'll just answer them live rather than um go through so one of the questions was um Ser the ServiceNow provided overall risk overall asset risk score um So within the platform within that reporting that I had shown prior to um when it talks about end of life end of support end of extended support the reporting that comes with HAM and SAM there is a risk score associated with that as far as is it high risk medium risk low risk um and those we do provide a risk um level to you um so that it would you know again if you have it maybe in a server environment it might be a higher risk especially if it's um or an extreme risk right if it's um already past end of life um so there's some some um basic I would say very basic uh ratings that we provide to you out of the box but you can actually go in and tweak that to meet a matrix that you might have within your own 
environment so that's one thing that we provide on the software and hardware side um Tim I don't know do you have any kind of risk matrix provided on the security side that might be maybe on the CIS or anything like that that you're aware of yeah yeah um absolutely so and that that's another kind of great you know power of the platform Better Together story um you can so I'm just actually gonna I'm gonna I'm gonna present here again because why not sure so let me know and you can see that so so specifically to vulnerability response and and and and security incident response which that's I'm not going to get into sir today but within VR right you have the ability so so that this is a challenge that a lot of um security programs face nowadays is you know how do I rate the risk for an associated vulnerability right a lot of uh your traditional teams have been just relying on the CVSS score right like oh it's a 10 world's on fire let's run around like crazy but there's a lot the reality is there's a lot of criteria that go into kind of determining an overall risk score so we have within VR we have a a risk calculator that you can if there's a data point in the platform so like end of life end of support those are data points that we can pull out we can assign weights to those and that can impact the overall risk score so you can see down here this is just using like CI exposure um you know is it uh internet facing uh what's the business service criticality you know the vulnerability severity things like that is there an exploit that does exist for it and we can assign weights to these and again you can add like if you can pull the data point out of the platform you can add it here as a risk criteria and you can see so this takes this kind of heat map down below shows what the resultant risk score is based on that and this is real time you could go in and adjust these weights in real time and it will update down here what your resulting risk score would look like so um to 
answer the question directly yes so if you have like an end of support if you have a Windows 2003 server still on your network like that like was definitely end of life um you could give that a risk score of like you know 100 very easily this this allows you to refactor risk based on um and this is really a really powerful tool within vulnerability response it allows you to refactor that risk based on what matters to your organization not just CVSS scores so love it so hopefully that answered the question and then one more question um I don't know if we answered this already but it was dropped in the chat can ServiceNow also give information if a vulnerability is being exploited currently so it sounds like if I remember correctly that's coming through some of those feeds that we have um so you want to just hit that one more time and we can put that one to bed yeah yeah I I think I might have answered this one already but definitely did okay again with the using the CISA KEV information 100% okay I'll try and keep up next time thanks for calling me out Tim all good just kidding so let me my screen let's go ahead and start wrapping things up um again stay tuned with us if you have further questions um we can give you an opportunity to come off and talk with us but some of the things that are going on out in the world around asset management and SecOps we have a few um or I guess four different workshops that are going on um around the US so uh we'll definitely have to figure out something for those Costa Rica people that are over there and definitely want to make I'm sure we give you love but um we have a wor them uh hands-on workshop so there's a lab included in that on both software and asset that's September 10th um that'll be given Rich will be part of that that session um I will be in San Diego on September 19th and doing a workshop um again hands-on lab session uh for customers in San Diego um and then Rich will be doing one for New York and depending on how many 
people we get actually um going to the New York session there might be a call back to do a second session because we tend to have a lot of customers going and visiting that location so uh feel free to come out and if you're interested in any of these workshops reach out to your AEs they can definitely uh make sure that we get you registered for them we would love to see you in person um shake your hand do some introduction and then on the SecOps side it looks like we have a Topgolf which looks a lot funner than doing something in the in the office I I need to do a Topgolf one H but we do have a Topgolf over in Charlotte North Carolina on September 18th um Tim will you be at that location or is that a will okay I will be there and it's it's a hands-on as well so hands on with VR and SPC so love it so yeah give give us the opportunity to meet you in person don't be shy um so to grab this material after the fact um we do have our our website is live so if you scan this QR or go to this specific um website then you can actually go into our and see all press recordings you're able to register for the next session that's coming up which I'll talk to on the next slide um but being able to um manage the material and gather it on your own um I will still continue to send out for anybody that's been part of these sessions I'll still continue to send out thank you um emails after this with links to um the the recordings on YouTube uh links to our website and then also the slide deck that we shared in this session but do give us some time it does take a minute to get our extended team to upload that into YouTube and then ultimately get that linked over into uh into the website itself but we will definitely make sure that we follow up with you so take a look at that website and let us know what you think so so what is our next session so I'm going to go ahead and launch a poll real quick before I show what we're going to be talking about but if you can go ahead 
and um answer the poll of anything that you're interested in better togethers features within the platform again we can't go over Xanadu yet products holding our hands we're making it they're making us sit down and not talk about it I'm super excited uh about what's coming down the pipeline and excited to get this in front of y'all but um anything outside of what's coming out in Xanadu is H is an option as as far as the topic so feel free to drop something in there if you're really interested in talking about it but this SE our next session is actually going to be um about HAM and EAM so we did do an indoor mapping session I think it was the last last month or the prior to U month where we talked about indoor mapping and we kind of talked about it within EAM enterprise asset management and HAM hardware asset management and um there seem to be some questions about you know what is EAM and how do you use it and what how is it different than hardware asset management um so we've kind of taking that those questions and we're like you know what let's unpack it let's talk about it so we will be actually inviting in two experts on the EAM side so uh David he is on our manufacturing team as asset manager solution consultant um so he'll be coming in and talking about it from a manufacturing standpoint um Lillian is our EAM expert so she really dives deep into the capabilities around EAM and then you'll have myself and Rich that will be talking about the hardware side of it um hardware asset management which has been around a little bit longer than the EAM side so any questions that you might have around the two different products please go out register um we'll definitely try and get those questions answered in the next session so I will go ahead and stop sharing I will also stop the recording

View original source

https://www.youtube.com/watch?v=xB6zJKzqjHE