Commercial Banking Firm + c1secure

Unifying Application & Container Vulnerability Response with ServiceNow SecOps


The Challenge

This enterprise security leader had already invested in ServiceNow Vulnerability Response to manage infrastructure risks but recognized a significant opportunity to extend their coverage across applications and containers. With digital transformation accelerating, visibility gaps between development pipelines and containerized workloads posed a growing security risk.

To achieve a “single pane of glass” for executive-level visibility and to further mature their vulnerability management posture, the customer partnered with c1secure to implement a SmartStart Application and Container Vulnerability Response program leveraging ServiceNow Security Operations.

The objectives were clear:

  • Extend vulnerability response to cover application code and containers
  • Integrate leading scanners (Checkmarx, Sysdig, Sonatype IQ) into ServiceNow
  • Deliver real-time executive dashboards across the entire IT estate
  • Stay as close to Out-of-the-Box (OOTB) as possible to ensure maintainability and scale

The Solution

c1secure delivered a 12-week SmartStart implementation to configure ServiceNow’s Application Vulnerability Response (AVR) and Container Vulnerability Response (CVR) modules, build custom integrations, and unify scanner data into actionable workflows.

Key solution components included:

Seamless Integration of Tools

  • Pre-built connectors for Sysdig and Checkmarx
  • Custom API integration with Sonatype IQ to ingest app-layer vulnerabilities
  • Reconciliation workflows between scanner data and the CMDB

Structured Configuration

  • Vulnerability grouping and assignment rules
  • CI matching and scan schedule automation
  • Remediation workflows with SLA targeting and OOTB exception handling

Executive-Level Visibility

  • Dashboards and reports aggregating vulnerability data across infrastructure, container, and application layers
  • Normalized severity mapping using the NVD and CWE integrations
  • Tailored workspace views and watch topics for key personas

Enablement and Transition

  • UAT coordination and remediation
  • “Train-the-Trainer” enablement across teams
  • Admin knowledge transfer and post-go-live support

The Impact

This engagement delivered a unified vulnerability response platform that empowers security and engineering teams with:

  • Executive visibility into vulnerability posture across applications, containers, and infrastructure
  • Centralized workflows that streamline remediation across scanning tools and CI/CD environments
  • Data normalization and automation, reducing manual effort and improving MTTR
  • Audit-ready reporting, ensuring security leadership can communicate risk effectively
  • A platform foundation to evolve into automated compliance and orchestration in future phases

What the Customer Said

“c1secure brought structure, speed, and security expertise to a highly technical implementation. Their ability to align ServiceNow capabilities with our scanners, risk models, and executive reporting needs was outstanding.”
Security Program Lead

“What used to take days of manual consolidation is now available on-demand in our dashboards. We now have the visibility and operational efficiency we need to stay ahead of risk.”


Summary

Customer: Confidential Global Enterprise
SmartStart: Application & Container Vulnerability Response
Platform: ServiceNow SecOps (AVR + CVR)
Outcome: Unified vulnerability visibility, automated remediation, and risk-aligned dashboards across the modern IT estate