ServiceNow - Experts & Thought Leaders

HackerOne, a pioneer in offensive security solutions, announced the appointment of Nidhi Aggarwal as Chief Product Officer (CPO) and member of the executive leadership team. Aggarwal will lead the execution of HackerOne's platform vision and product strategy, unifying the company’s product portfolio around a more integrated, AI-powered experience that seamlessly scales human security expertise through AI agents to not just find but remediate vulnerabilities. HackerOne’s product evolution Aggarwal’s appointment comes at a pivotal moment in HackerOne’s product evolution Aggarwal’s appointment comes at a pivotal moment in HackerOne’s product evolution. Over the past few months, the company released several significant innovations, including new features with Hai, HackerOne’s AI security agent first introduced in February 2024.  These new capabilities — Hai Program Insights, Benchmarks, Recommendations, and Findings — help customers prioritize and act on vulnerabilities more effectively. HackerOne's new Hai Play HackerOne also introduced a new Hai Play, which automatically calculates Return on Mitigation (RoM) based on an organisation’s unique vulnerability data and context.  Additionally, HackerOne is expanding its platform ecosystem by adding integrations with ServiceNow, Secure Code Warrior, and GitLab, as well as enterprise-grade functionality through automations.  Prior roles of Aggarwal Aggarwal brings over 15 years of experience driving growth and innovation at companies A seasoned technology entrepreneur and product pioneer, Aggarwal brings over 15 years of experience driving growth and innovation at companies ranging from early-stage startups to global enterprises.  She co-founded Qwiklabs, a cloud configuration platform acquired by Google, and held executive leadership positions at Tamr, an AI + human-in-the-loop master data management platform where she led product and marketing. She also previously worked at Wellington, Hewlett-Packard Labs, VMware, and McKinsey & Company. She holds a Ph.D. in Computer Science and serves on the Board of Visitors for the Computer Science department at the University of Wisconsin-Madison, which honored her with an Early Career Achievement Award. HackerOne’s leadership in the AI era “Nidhi’s appointment will accelerate HackerOne’s leadership in the AI era,” said Kara Sprague, CEO of HackerOne. “She brings the strategic clarity and operational depth to drive execution of our AI-centric platform vision, deliver more customer value, and ensure that innovation remains at the heart of everything we do.” HackerOne's next-generation platform “HackerOne has a unique opportunity to redefine security in the AI era," said Aggarwal. "By combining human expertise with the power of AI, we're uniquely positioned to deliver high-quality security findings with unprecedented scale and speed." "Our AI-powered platform accelerates vulnerability discovery, triage, and response while equipping both security researchers and customers with intelligent tools and real-time insights. I'm excited to join this exceptional team to build a next-generation platform that enables security and development teams to find and fix vulnerabilities before adversaries can exploit them."

Sonatype, the software supply chain optimisation company, announced an integration with ServiceNow, the AI platform for business transformation, to incorporate Sonatype Lifecycle software composition analysis and open-source vulnerability scans directly into existing workflows. This accelerates the response to application vulnerabilities, particularly in open-source software components, enhancing security measures and remediation efforts across enterprise environments. Unified vulnerability management For customers that use both ServiceNow and Sonatype, the integration enables the seamless transfer of vulnerability scan results from Sonatype Lifecycle directly into ServiceNow’s Application Vulnerability Response (AVR), creating a unified vulnerability management experience combining SCA, SAST, and DAST results from other systems. From this single plane, customers can triage based on risk and initiation of workflows for quick analysis and remediation. Data and malware protection "Bad actors are constantly evolving their attack methods to be quicker and more agile. It’s our job, to ensure customers have our unique open source data and malware protection, when and where they need it, to keep them one step ahead of attackers,” said Mitchell Johnson, chief product development officer at Sonatype. “The integration with ServiceNow makes it even easier for our customers to stay ahead." Open-source software "It ensures that vulnerabilities are identified, tracked, and remediated more efficiently, in turn reducing the risks associated with open-source software vulnerabilities while saving time and money." "By combining our efforts, we empower developers and security teams to collaborate more closely and respond to security risks with greater speed and precision.” Digital business “Partnerships succeed best when we lean into our unique skills and expertise and have a clear view into the problem we’re trying to solve,” said Erica Volini, senior vice president of global partnerships at ServiceNow. "Sonatype’s Lifecycle integration extends our reach well beyond where we can go alone and represents the legacy and goals of the Now Platform. I am thrilled to see the continued innovation we will achieve together to help organisations succeed in the era of digital business.” Vulnerability lifecycle management Integrated solution offers key functionalities including automated import of application vulnerabilities The newly integrated solution offers key functionalities including automated import of application vulnerabilities and predefined workflows for effective vulnerability lifecycle management. This enhances the capabilities of users within Sonatype’s customer base, allowing them to better prioritise and remediate security issues. Key benefits for customers Faster Remediation: Vulnerabilities are flagged swiftly allowing developers to address and remediate issues quickly, significantly reducing the turnaround time and associated risks. Improved Collaboration: The integration fosters enhanced cooperation between development and security teams, ensuring vulnerabilities are addressed comprehensively and efficiently. Streamlined experience The free plugin, which facilitates this integration, is available to all Sonatype Lifecycle customers in the ServiceNow Store. It promises a streamlined experience that not only enhances visibility into application vulnerabilities but also ensures they are managed and remediated promptly within the ServiceNow environment.

Invicti, the pioneering provider of application security testing solutions announced an integration with ServiceNow to pull scan data from Invicti’s pioneering DAST and IAST into ServiceNow’s Application Vulnerability Response (AVR) for a seamless experience between the two systems. The joint effort enables Invicti to create better experiences and drive value for customers built with ServiceNow. ServiceNow Partner programme ServiceNow’s expansive partner ecosystem and new partner programme are critical to supporting the $500 billion market opportunity for the Now Platform and associated partner services. The revamped ServiceNow Partner programme recognises and rewards partners for their varied expertise and experience to drive opportunities, open new markets, and help joint customers in their digital transformation efforts. Impact assessment The certified integration allows for greater prioritisation and potential impact assessment of code flaws As a Registered Build Partner, the certified integration allows for greater prioritisation and potential impact assessment of code flaws that may lead to an exploit. This ability to better show developers and security teams where to focus their efforts furthers its mission to provide AppSec with Zero Noise to customers and the industry. The integration is available in the ServiceNow Store. Automating vulnerability management “Being a part of ServiceNow’s ecosystem is a major benefit for customers working to streamline and automate their vulnerability management and overall application security programmes,” said John Mandel, Chief Engineering Officer at Invicti. “Strong integration between our tools has been an ask from our customers and we’re excited to deliver on this value driver for them.” Skills and expertise “Partnerships succeed best when we lean into our unique skills and expertise and have a clear view into the problem we’re trying to solve,” said Erica Volini, Senior Vice President of Global Partnerships at ServiceNow. “Invicti extends our reach well beyond where we can go alone and represents the legacy and goals of the Now Platform. I am thrilled to see the continued innovation we will achieve together to help organisations succeed in the era of digital business.” Vulnerability Response system Invicti also has integrations with ServiceNow’s Vulnerability Response system, allowing bi-directional functionality and customisations for customers to gain better visibility and automation from vulnerability discovery through remediation, saving developer time and improving security posture through stronger vulnerability management and application security.