I had the opportunity to attend the Knowledge18 conference this past week, and from the registration to closing, I’ve never been to a show that's had so much energy. Knowledge18 staff would start the morning with a DJ playing music and with the staff energetically greeting attendees/sponsors while moving to the music. The Tripwire booth also had quite a unique scene where we tied ServiceNow’s ticketing to Willy Wonka’s chocolate factory giving out golden tickets. I had the honor of being the world’s tallest Oompa Loompa at 6’3 – or it could be explained that similar to how the camera adds 10lbs, it also cuts off 3ft.
Mike TeeVee and myself were able to sneak away for a few sessions ranging from vulnerabilities in a CMDB to an attack simulation of trying to prevent a breach. Before you ask, the answer is yes, I was in full Oompa Loompa costume for the whole thing. If you attended any sessions on May 10th, you may of also ran into Willy Wonka as well. Out of all the great sessions I was able to attend, the attack simulation definitely stole the show in my eyes.
The attack simulation was aptly named “Can you prevent the breach?” For it, we used ServiceNow to work against a slew of attacker bots with defender bots to assist. There were automated tickets being created for ServiceNow. You had to correctly diagnose the ticket for points, where the wrong answer resulted in losing points. The tickets were things like a CPU spike with a possible DDoS attack or data being transferred off the network; you had to figure out whether it was a false positive or not. The attacker bots resulted in tickets involving the exploitation of vulnerabilities or even an insider threat you had to track down. The defender bots were capable of approving changes prior to implementation, but you definitely did not want to implement changes without the right authority. You also got bonus points for prevention of future attacks, so if a ticket came in and you were able to track it down to a CVE, then you could create a ticket to patch the vulnerability that would prevent future attacks.
I went into this simulation with a background of security, but outside of high level knowledge, I’d never used the ServiceNow solution. By the end of the simulation, I was comfortable in creating tickets and knowing the different workflows for HR management (insider threat termination), change tickets, problems and security incidents. I was blown away to see the ServiceNow platform tuned to function like a game by assigning points that goes to a scorecards it is definitely an effective way to learn the tool. If you get a chance to attend a Knowledge conference in the future I cannot recommend enough giving this lab a shot. You’ll also never know what you’ll run into at the Tripwire booth while learning how we integrate into ServiceNow. If you are interested in learning more about how Tripwire and ServiceNow integration can benefit your business, you can request a demo here. Alternatively, you can find out more about our #TWGoldenTicket campaign here.
