Platform Security & SecOps services
Specialist ServiceNow security consulting delivered by practitioners. Two practices, one specialization: Platform Security and SecOps under one roof.
Platform Security
- Instance Security Assessment: read-only posture review across roles, ACLs, integrations, authentication, and platform hardening. (2–3 weeks)
- Instance Penetration Testing: white-box testing on your live instance with replayable proof-of-concepts. (3–4 weeks)
- Embedded Security Partner: fractional senior security engineer on retainer, clearing your Security Center backlog and reviewing every change. (Monthly retainer)
- Vault Implementation: end-to-end Vault rollout for SOC 2, ISO 27001, HIPAA, and GDPR-regulated data; scope depends on customer needs. (6–24 weeks, scope-dependent)
- Platform Access Posture Assessment: read-only access review of roles, groups, ACLs, inheritance chains, and toxic combinations that grant admin. (3–5 weeks)
- Platform Access Cleanup: execute the remediation plan with role consolidation, least-privilege redesign, provisioning workflows, and access certification. (8–12 weeks)
SecOps
- SecOps Implementation: end-to-end ServiceNow SecOps including SIR, USEM (Unified Security Exposure Management), and Threat Intelligence. (12–20 weeks)
- SecOps Value Acceleration: operationalize SecOps that's already implemented but underused. (8–14 weeks or rolling)
- SOAR Playbook Design & Implementation: for teams with SIR live but without the playbook depth, integrations, and automation to call it SOAR. Delivered by ServiceNow CAD + CIS-SIR certified engineers. (8–14 weeks)
- OT Vulnerability Response Implementation: purpose-built for industrial environments, with Purdue-Level-aware risk modeling and OT-certified integrations (Nozomi, Claroty, Armis). (14–22 weeks)