About Ivanti Neurons for Security Operations Managment

Version: 2023.3

Ivanti Neurons for SOM converts Event to a Group Business Object and creates Network and Security Event types under the new Event Business Object. This gives you more flexibility in integrating Event with other systems.

Important: The following features are available as Ivanti Neurons for SOM, part of the Neurons for ITSM Enterprise paid enhancement package.

The software integrates with RiskSense and uses an API call to import Network and Security Events. You can also create new Network and Security Events and create Incidents or Changes to help manage your events. Track unmanaged devices on a dashboard and integrate with Atlassian Jira Software and Azure DevOps to automatically create issues.

You can apply Neurons for SOM 2023.3 over previous versions of the Neurons for SOM application. Existing configurations (including integrations) will not be affected.

Minimum platform version requirements: IvantiNeurons for ITSM 2022.3

Prerequisites:

Contact Ivanti Professional Services Organization (PSO) to obtain and install the Ivanti Neurons for SOM package.

Gather this information from the Ivanti Neurons for Risk-Based Vulnerability Management (RBVM) environment:

Neurons for RBVM API URL

API Key

For local customers (non-SaaS), verify the Integration Server is running.

Install the Ticket Sharing and Synchronization integration.

What's Included

The following scripts are included in the software:

RiskSense - CIs by Security Event

RiskSense - Create Security Events

RiskSense - Security Event Details

RBVM Integration Using Export API

These scripts have been updated for Neurons for SOM 2023.1. If you have already installed an older version of Neurons for SOM, the previous scripts (RiskSense Integration, RiskSense Integration -Get CIs, RiskSense Integration - Link CI to Ransomware Incident) will not be overwritten.

RiskSense Integration Schedule: Set the start and end times to run the scripts above. See Creating a Schedule in About the Schedule Entry and Scheduled Jobs Workspaces

See Creating a Scheduled Workflow in Using Workflows

Unmanaged Device Dashboard Special Part: Use this to track unmanaged devices on a dashboard. It isn't tied to a dashboard, so you can add it to any existing dashboard. See Using Special Parts in Using the Dashboard Center.

Integration with the Jira Service Desk Connector: The RiskSense integration works with the Jira Service Desk Connector (part of the Ticket Sharing and Synchronization package). The Jira Service Desk Connector is a separate package that you can find in the Ivanti Marketplace. See Jira Service Connector for Ivanti Automation.

If you're not currently using the Event Business Object, we recommend you delete the demo data from the package import before you use this software. This makes it easier to find events that you create or import. There are 2000+ demo records.

To delete demo data:

1.Open the Event workspace.

2.From the list view, change the Page Size to 100.

3.Highlight all events on the page, and then select Delete.

4.Repeat steps 2-3 for all pages.