Cloud workflow powerhouse ServiceNow Inc. is wasting no time in expanding its footprint in its newest market: computer security.

Barely three months after announcing the expansion of its platform into security operations, the company said it has acquired BrightPoint Security Inc. for an undisclosed sum. BrightPoint provides threat intelligence by combining information from multiple external sources to quickly identify relevant threats and communicate that information to its customers.

ServiceNow said the integration of BrightPoint will improve the quality of insights it can offer to customers to aid in their security decision-making. The company said it is addressing a communication gap inside most enterprises that slows down response times. According to an Enterprise Strategy Group study of 184 security professionals commissioned by ServiceNow, 93 percent said their response to threats and intrusion is hindered by manual and informal processes.

“Many times the chief information security officer reports to the CIO, but the IT and security teams still work in silos,” said Piero DePaoli, senior director of product marketing for security at ServiceNow. “Much of the communication is managed by email.”

Human-generated email is antithetical to ServiceNow’s approach to workflow automation. The company’s cloud-based tools enable customers to streamline and formalize processes according to rules. Launched in 2003, ServiceNow was one of the first enterprise software-as-a-service (SaaS) vendors and it is today one of only three with more than $1 billion in annual revenues. The company is valued at more than $12 billion.

ServiceNow is staking out a corner of the security market that is thinly populated. The company has no intention of getting into the market for tools that detect or thwart cyber criminals. Rather, it intends to partner with such companies and incorporate their technologies into its workflow system via open APIs.

“We’re not focused on detection but on processing security incidents in context so that there’s a workflow for dealing with them,” DePaoli said.

He cited the example of setting priorities for a severe vulnerability that affects a test machine in a lab versus a lower-level vulnerability that affects the CEO’s laptop. Protocol would typically dictate that security teams should tackle the severe threat first, despite the limited potential impact on the business. Using ServiceNow’s workflow rules, priorities can be adjusted according to factors like the operations affected or the potential business disruption. In that world, the CIO gets the nod.

ServiceNow’s platform replaces human-to-human email notification with machine-generated alerts that can be delivered in various ways, such as via a console, short message text or email. The goal is to minimize human decision-making whenever rules can be applied.

ServiceNow said it would release more details about the acquisition in conjunction with its second-quarter financial results announcement, which should come in late July.

Sean Convery, vice president and general manager of the security business unit at ServiceNow, outlined ServiceNow’s security strategy on theCUBE with hosts Dave Vellante and Jeff Frick at ServiceNow Knowledge 2016, at the Mandalay Bay in Las Vegas, NV earlier this month (14:52)

Graphic by Enterprise Strategy Group via ServiceNow