1 (866) 866-2320 Straight Talks Events Blog

Going Beyond Surface-Level IT Configuration Data: How Evolven Elevates ServiceNow


Going Beyond Surface-Level IT Configuration Data: How Evolven Elevates ServiceNow


This content is brought to you by Evolven. Evolven Change Analytics is a unique AIOps solution that tracks and analyzes all actual changes carried out in the enterprise cloud environment. Evolven helps leading enterprises cut the number of incidents, slash troubleshoot time, and eliminate unauthorized changes. Learn more

While high-level messaging for IT operations may sound similar, ServiceNow (SNOW) and Evolven differ in their approach to configurations, changes, and change risk - each providing unique capabilities. In part one of this two-part blog series, we'll focus on the basics of data acquisition. In part two, we’ll discuss analysis and integration.

First, let's talk about the players and what they bring to the table…! 

Evolven’s Configuration Risk Intelligence Platform is designed from the ground up to provide the following:

  1. Frequent & Granular Deep Data Collection: Evolven automatically collects millions of granular IT configurations across your hybrid IT environment, offering insights into detailed deployed configurations and changes across the entire estate - cloud and on-premises.
  2. Change Detection: Evolven detects changes at the most granular level, covering code, configurations, software artifacts, and data, providing a comprehensive view of the entire configuration estate.
  3. Overhead Protection: Evolven's technology is laser-focused on “first doing no harm” by providing lightweight collections and requiring little oversight.
  4. AI-powered Risk Mitigation: Evolven uses patented AI to mitigate stability, compliance, and security risks that arise from misconfigurations and changes.
  5. Change Reconciliation: Evolven automatically correlates actual changes with expected changes using its patented machine-learning algorithms.
  6. Consistency Analysis and Drift Detection: Evolven analyzes configuration consistency within and across environments, ensuring that similar configurations are properly aligned.

Although the platform can address many other use cases, for this blog, we want to focus primarily on a comparison with Service Now, and for this first blog of this series, we will only cover the first three points with some helpful examples. Blog two again will discuss analysis and integration.

ServiceNow (ITSM, ITOM, and CMDB) is the de facto leader for efficient workflow processes providing:

  1. Service-Mapping for CMDB: ServiceNow's out-of-the-box collections are designed to collect surface-level information to enable service mappings for discovery and populating Configuration Items (CIs) in their configuration management database (CMDB)
  2. Change Detection: ServiceNow also provides change detections, however, by default, they detect changes at the CI-level for service mapping. In fact, to get to the granular details from ALL changes in the IT environment, many of our customers frequently use Evolven to enhance their ServiceNow capabilities - especially around unauthorized change detection.
  3. Change Reconciliation: Out-of-the-box ServiceNow does a relatively basic comparison with change requests based on time and related CIs in its CMDB. But given its intentionally limited discovery data, SNOW provides a robust API with excellent support for third-party vendors like Evolven to add additional details for detected changes and CIs. Integration is key for robust and all-inclusive change reconciliation to meet audit requirements. !
  4. Intelligent Workflow Automation: ServiceNow focuses on intelligent workflow automation, extending beyond IT into risk management and enterprise asset management in all business areas. This is a strong suit of ServiceNow and another reason to combine Evolven’s data with SNOW workflow management.

In a nutshell, the ServiceNow platform is focused on distilling actions and workflows from data, primarily provided by other tools, and managing communications with AI-driven agents, machine learning logic paths, and business intelligence to streamline work between different people and functions in the organization (not limited to IT, including Legal, HR, Finance, and third parties.)

Here, we will discuss the first three areas where Evolven differs from and further elevates the functionality provided by ServiceNow.

More details and more data lead to better decisions

When analyzing the differences and similarities, it is important to understand that the two solutions are designed and positioned for different objectives. ServiceNow ITSM is a workflow management and automation platform targeted at organizing, tracking, and executing IT processes. ServiceNow’s IT Operations Management (ITOM) module focuses on event management, aggregating and processing events from internal monitoring components and 3rd party tools. As part of that ITOM offering, it provides a service mapping discovery tool to populate its CMDB with Configuration Items (CIs) along with their dependencies and basic CI configurations. For example, OS version, installed components, devices, and possible application dependencies, etc., at a level of scoped resolution sufficient to populate systems, applications, and relationships.

In other words, interdependency context is of the greatest importance to ServiceNow. This information is the bare essential information used to relate service/change/incident tickets, events, and vulnerabilities to the related and affected CIs, which aids in providing context for prioritization and workflow management. And at this level of detail customers can feel like they are getting change reconciliation without too much hassle.  But the devil is in the details!

Evolven is a configuration risk intelligence platform focused on extracting deep data from all IT systems - out-of-the-box for all data types. This is done at the most granular level, using patented AI to highlight risky differences in the actual changes - all in near real-time. Evolven does this with extremely low overhead at an extremely large scale. The platform uses agents on operating systems such as Windows or Linux and, for example, will collect over 3000 configuration parameters for Windows OS, registry, CLI output, and files via scans every 15 minutes that utilize less than 5% of CPU.

Evolven's out-of-the-box knowledge base supports in-depth granular collections for hundreds of different technologies and versions. These include mainframe, web servers, directory servers, application servers, message buses, databases, operating systems, hypervisors, virtualization platforms, public cloud platforms, containerization platforms, private cloud platforms, infrastructure devices, code repositories, etc.


Figure 1 - Evolven collects all configuration types from all platforms with granular details.

ServiceNow's out-of-the-box collections are intentionally limited to surface-level information for service mapping. So while the ITOM Discovery service will deliver information from an operating system like Windows or Linux that includes installed software and running processes by default, the Evolven platform will deliver installed and running software, users, roles, permissions, registry settings, DLLs installed, network settings, installed certificates, host file parameters, and other details necessary to machine learning and root cause analysis! We will note that the service mapping modules in ServiceNow can be set up to collect more, but ServiceNow isn't optimized to manage and analyze the scale and scope of data like Evolven's platform - again, Evolven was purpose-built to do this.

To process the volume and complexity of all of this information collected, Evolven uses a patented vertical AI analytics engine that deduplicates redundant information, filters out noisy changes, and makes correlations from disparate but related data points. Evolven's AI engine proactively identifies risks of executed changes, prioritizes changes for root cause analysis, and verifies detailed compliance controls. This critical component of Evolven's solution makes the collected granular data actionable and consolidates redundant data. On the other hand, ServiceNow discovers and maps services at a high level and doesn't collect these granular details because it's meant to be a “database of databases”. In this federated model, Evolven is an incredibly valuable database of detailed change history and detailed information easily accessible through API and our out-of-the-box integration with ServiceNow ITSM and CMDB.

What to expect next

Tune in next week when we’ll explore the ways that Evolven uses its patented AI to analyze the information it collects and how this acts as a valuable source of operational, compliance, and security configuration risk intelligence for our customers.

Further Research

If you are really interested in knowing more details or seeing a side-by-side comparison of Evolven and ServiceNow, you can download a comparison from here  or schedule a demo with our team!

About the Author
Jim Wachhaus
Director of Product Marketing, has been in technical roles on cybersecurity products for over two decades and is passionate about the discipline of cyber system defense.