Thirdera Looks to Secure ServiceNow SaaS Applications

Thirdera today launched a cybersecurity offering for ServiceNow software-as-a-service (SaaS) applications that consolidates submitted phishing incidents, automates manual steps and surfaces enriched threat data.

Josh Tessaro, director for security and risk for Thirdera, said Attentive: Advanced Phishing Response provides security teams with a single workspace to track, manage and contain phishing events. It extends the Security Incident Response User Reported Phishing application created by ServiceNow along with workflow automation tools and third-party integrations to accelerate time-to-contain and time-to-resolution for phishing incidents.

Capabilities include an Automation Roadmap to eliminate manual processes, tools to examine, for example, emails to determine if attackers are disguising campaigns and a repeatable Phishing Playbook based on best practices defined by Thirdera. The overall goal is to reduce the current 11 manual steps that cybersecurity teams need to take to combat these attacks down to three or four, said Tessaro.

As ServiceNow applications have become more widely employed, the number of phishing attacks being aimed at users has steadily increased, noted Tessaro. The Attentive: Advanced Phishing Response service, on average, can reduce manual task time by 87% and cut the time to contain malicious incidents by 65%, the company claimed.

Organizations have been adopting ServiceNow to automate the management of IT along with a range of business processes. As such, the platform’s reach within organizations that have adopted it is extensive. As such, it presents a rich target environment for cybercriminals that, if compromised, would enable them to spread malware laterally across an entire application environment.

It’s not clear whether phishing attacks are being aimed specifically at SaaS applications such as ServiceNow. Since the beginning of the COVID-19 pandemic, the number of organizations that have adopted these types of cloud applications to enable employees to easily switch between working remotely or in an office has increased considerably. The challenge is the more employees that work remotely, the more difficult it can be to defend against phishing attacks that attempt to steal end user credentials.

There are, of course, a range of anti-phishing tools and platforms that cybersecurity teams could use. Thirdera is making a case for an approach that is tightly integrated with the ServiceNow application environment. Each cybersecurity team is going to need to decide how much to invest in tools that are designed for specific SaaS applications, but the Thidera approach is integrated within a larger automation framework that ServiceNow customers are already employing, noted Tessaro.

One way or another, SaaS application security needs to become a higher priority. Many organizations tend to assume providers of these applications are securing them. However, if a cybercriminal gains access to credentials, it’s not likely the providers of these applications would be able to distinguish them from a legitimate end user. As such, it’s incumbent on the organizations that employ these applications to defend them from phishing attacks. Thanks to the rise of generative artificial intelligence (AI) platforms such as ChatGPT, those attacks are likely to become even more difficult to detect.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 745 posts and counting.See all posts by mike-vizard