Back to Blog

UpGuard Brings Better Vulnerability Detection to ServiceNow

This post has been superseded at

UpGuard_Scriptrock_homepage_June2016UpGuard, which rebranded from ScriptRock at the beginning of the year, has announced an integration with ServiceNow that will make it easier for customers to spot and fix security vulnerabilities.

“Enterprise and service management has so many layers to its infrastructure, it can be difficult to keep track while also effectively securing your network,” UpGuard CEO Mike Baukes explained. “Integrating our technology with ServiceNow allows us to provide joint customers deep visibility into the status of their stack, and fix anything down to the most specific lines of code.”


Pictured: UpGuard co-founder and co-CEO Alan Sharp-Paul during his presentation “Integrity in the Age of DevOps” at FinDEVr 2015 in San Francisco.

While ServiceNow is a powerful and scalable ITSM platform, the UpGuard integration produces a solution that provides context and granular detail on specific IT asset and configuration changes. The goal is to be able to answer the questions: “How do we know what the change did?” and “How do we know if the change was successful?” in often complex and multi-layered IT infrastructures.

In a video, UpGuard Marketing Manager John Chang explains the challenge this way:

“On a high level we see there are really two sides of change. There is planned change and there’s actual change, what actually occurs within your environment. Now when you plan something, i.e. you have a change record for it, it goes through the proper change process, but you fail to execute it properly, this is what we call ‘failed change.’

“When something happens that wasn’t planned and wasn’t authorized, we call that ‘unauthorized change’. So there are two processes monitoring and managing this: the change validation process and the unauthorized change detection process. These are the things that are basically activated and enabled with UpGuard/ServiceNow integration.”


(click image for video)

Headquartered in Mountain View, California and founded in 2012 as Scriptrock, the company rebranded as UpGuard in January 2016. That same month, UpGuard unveiled CSTAR, a comprehensive, FICO-like cybersecurity and compliance readiness score for businesses. The company has raised more than $9 million in funding, with its most recent raise a $8.7 million Series A in 2014. UpGuard includes August Capital, 500 Startups, Square Peg Capital, Starfish Ventures, and Valar Ventures among its investors.

Recent headlines for UpGuard include earning a spot on the CyberSecurity 500 roster of the top cybersecurity firms last month, as well as meriting inclusion in Merlin’s list of  seven tools for server management. The company announced a deal in March that would make its technology available through Ingram Micro value-added distributor, Promark Technology. Forbes profiled UpGuard and its plans to bring its CSTAR technology to the “$7.5 billion global cybersecurity insurance market” in February.