ServiceNow
  • 1 Minute to read
  • PDF

ServiceNow

  • PDF

Article summary

About this document


This document provides step-by-step instructions to onboard a ServiceNow account in SAFE.

Introduction


SAFE integrates with ServiceNow via read-only APIs and fetches the security misconfiguration of the ServiceNow account in SAFE.

Prerequisites


To configure ServiceNow in SAFE, you need the following details:

  • Instance Name: Instance name of the user’s ServiceNow Instance (e.g., safe.service-now.com)
  • Client ID and Secret Key: To generate a Client ID and Secret Key, you must have a ServiceNow Administrator role.

Generate Connection Details (Client ID and Secret Key)


  1. Log in to your ServiceNow Account as admin. 
  2. Click the All tab, and search for System OAuth > Application Registry.
    Service Now Config
  3. Click the Application Registry option.
  4. Click the New button available at the top-right corner of the screen.
    Service Now Config 1
  5. On the New page, click the “Create an OAuth API endpoint for external clients” option.
    Service Now Config 3
  6. Enter a Name for the application and click the submit button. The system creates a new app.
  7. Go to the created app details page.
  8. Copy the Client ID and Client Secret.
    Service Now Config 4

Configure ServiceNow in SAFE


  1. Navigate to Safe Hooks and click the ServiceNow card.
  2. Enter the Instance Name.
  3. Enter the Username and Password (Admin Username and Password for ServiceNow account)
  4. Enter the Client ID and Client Secret Key.
  5. Enter auto-sync frequency in days.
  6. Click the Test Connection button.
  7. Once the connection is validated, click the Save button
  8. Once the configuration is saved, click the Sync Now button to trigger the on-demand sync outside of the scheduled auto sync.

Service Now Config 6


View Result


After a successful sync, SAFE automatically imports the ServiceNow assets.

To view the assets pulled from ServiceNow:

  1. Navigate to Technology > Assets.
  2. Filter the asset list with Asset Type as ServiceNow. The system displays all the Servicenow assets.
    Service Now Config 7
  3. Click the Asset name.
  4. The system displays all the controls and their status for ServiceNow.

Service Now Config 8

To view the results:

  1. Navigate to the Risk Scenario page and click the Group Risk tab.
  2. Click the Cloud - SaaS Applications Risk.
  3. On this page, the system displays the actionable insights for your ServiceNow account if it finds critical misconfigurations.
    Service Now Config 9
  4. Scroll down and click the Attack Surface view. 
  5. Here you can see the ServiceNow asset.
  6. Clicking the ServiceNow asset, the system displays all the controls and their status for ServiceNow.
    Service Now Config 10

Was this article helpful?

What's Next