Exciting news! Thirdera has been acquired by Cognizant.

Read more
Contact Us

Health Insurance Provider Automates Remediation Using ServiceNow's Security Incident Response

Offering health insurance and related services to more than 2 million customers, this client wanted to establish a single source of truth to centralize and automate the remediation of active security incidents and vulnerabilities.

Project Snapshot

50%

security incidents converted to actionable cases

40%

reduction in resolution times

Client size: 3,000+ Client industry: Insurance Client location: U.S.

 

Key Challenges


alert exclamation point warning caution icon thirdera pink (2)

Existing remediation process was handled using ITSM incidents without much automation. The organization’s tools at the time required optimization and upgrades to achieve a higher and more successful response rate.

alert exclamation point warning caution icon thirdera pink (2)

It was difficult identifying resolution groups due to lack of standardized data from scanners. This resulted in some incidents never being resolved.

alert exclamation point warning caution icon thirdera pink (2)

Vulnerabilities were being routed to teams manually in recurring meetings. Known unfixable vulnerabilities were excluded via reporting consequently becoming unapproved exceptions.

 

Our Solution

Thirdera, a Cognizant company facilitated migration from a custom solution in ITSM to SIR while leveraging the platform's workflow automation capabilities to accelerate incident remediation.

Web site thirdera pink (2)

ServiceNow Security Incident Response
SIR was used to consolidate security incidents from Splunk and KnowBe4, providing data privacy for security incidents across the organization.

cloud circuit icon thirdera pink

 

Threat Intelligence

Used observables (Indicators of Compromise) table and prioritization to improve resolution decisions by identifying shared security incident attributes and parent-child relationships.

workflow icon thirdera (3)

 

Remediation Routing

Vulnerability classification, assignment and grouping enabled automatic routing of vulnerable items to the correct remediation teams for faster resolution.

Flowchart thirdera pink (1)

 

Exception Handling

Automatic exception rules enabled known approved exceptions to be deferred without manual intervention.

   

The Result

Reduced resolution times
Time to respond and resolve security incidents has been reduced by aggregating and prioritizing 1,500 security incidents into 750 actionable cases.


Increased efficiency with vulnerability patches
~40% of critical and high-risk vulnerable items are automatically deferred for known approved configurations.

 

Faster routing and remediation
Vulnerable items are correctly routed to appropriate remediation teams.

About Thirdera, a Cognizant company

Thirdera, a Cognizant company is an Elite-level ServiceNow partner, enabling customers to maximize the value of the ServiceNow platform through workflow-enabled services and solutions. Founded in 2021 and acquired by Cognizant in 2024, Thirdera, a Cognizant company is one of the largest and most credentialed ServiceNow partners globally. We offer world-class guidance to help businesses accelerate growth and productivity. With expertise and capabilities spanning experience design, process optimization, and AI-accelerated solutions, we are ushering in the next era of transformation, automation, and partner expectation. Visit www.thirdera.com for more information.

Contact us today to discuss your next project and enter a new era of ServiceNow partner experience.

Get in touch

WRITTEN BY

Michael Henderson

Michael has been a content marketing professional in the ServiceNow space for over 10 years. His focus is developing engaging content that empowers clients to make informed decisions throughout their service management journey.
[case-study, security-risk, hcls-industry] [Case Study, Security & Risk, HCLS Industry]