ServiceNow

This guide will walk through some additional details of our ServiceNow integration.

Integration Setup

1. Navigate to the ServiceNow Development Dashboard instance you want synced to Secureframe.

2. In the top navigation bar, click on All.

3. In the filter search bar, type "Application Registry" then select the link.


4. In the top right, click on the New button.

5. Select the first option, Create an OAuth API endpoint for external clients.


6. Name the application. This name will be used to identify it in ServiceNow to connect to Secureframe.

7. Click the lock icon next to Redirect URL to edit the field.

8. Paste the following into the Redirect URL field: https://app.secureframe.com/integrations/service_now

9. Leave all other fields as is.

10. Click Submit.

Provide Client ID

  1. Find the newly created application within the Application Registries list and click on the name to view details.
  2. Copy the Client ID and paste it into the Secureframe connection form.

Provide Client Secret

  1. Click the lock icon next to Client Secret to copy the contents.
  2. Copy the Client Secret and paste it into the Secureframe connection form.

Provide Instance Name

  1. From the URL, identify the instance name by selecting the text after "https://" and before ".service-now.com".
    • For example, if your URL is "https://dev279635.service-now.com", the instance name is "dev279635".
  2. Paste the instance name into the Secureframe connection form.
  3. Click Start Connection.

ServiceNow Integration benefits

Our updated ServiceNow integration automates compliance checks and evidence collection for five requirement categories (which are presented as tests in Secureframe).

  1. Vulnerability Tracking: Security vulnerabilities are tracked to resolution, as per applicable SLAs
    • Example vulnerability sources: internal vulnerability scans, external vulnerability scans, ASV scans, penetration tests, bug bounty programs, inbound reporting, and vendor announcements
  2. Security Incident Tracking: Security incidents are tracked to resolution, as per applicable SLAs
  3. System Change Tracking: Significant system changes are tracked to deployment, as per applicable SLAs
    • Note: This is not required for HIPAA compliance
    • Example system changes: general infrastructure changes, network & router changes, firewall changes
  4. Access Tracking: System access changes are tracked to resolution, as per applicable SLAs
    • Example access changes: access onboarding, access offboarding, permission modifications, and transfers
  5. Nonconformity and Corrective Action Tracking: Nonconformities are tracked and resolved via corrective actions, as per applicable SLAs
    • Note: Requirement is specific to ISO 27001
    • Example access changes: access onboarding, access offboarding, permission modifications, and transfers

Feature 1: Task Tracking

By defining your ServiceNow task label(s) within Secureframe on a per requirement basis, our integration pulls in all of your tasks with matching label(s). This shows auditors that you properly track tasks pertaining to these requirement categories.

Feature 2: Timely Task Close Out

Additionally, for each label defined within Secureframe, you can specify an SLA (in days) for that label. Secureframe flags tasks that remain open longer than the SLA specified for that label. This shows auditors that you close out tasks in a timely manner.

  • Note: Most compliance frameworks require an SLA to be in place for medium, high, and critical vulnerabilities and for all security incident priorities. Nonconformities are specific to ISO 27001 and SLAs are required.

By taking advantage of these two features, you can avoid taking many screenshots that are traditionally required for audits. Our integration can prove that tasks are tracked (labels) and closed out in a timely manner (SLAs).

ServiceNow labels

Within ServiceNow, you can assign labels to tasks. This is useful for categorizing tasks. You can specify labels in use within Secureframe to pull in tasks with the respective labels.

Enable the ServiceNow functionality

  1. Within "Monitoring," navigate to "Integrations" > "ServiceNow - Settings"
  2. Edit or acknowledge the "Testing Start Date." This date defaults to the date that you connected ServiceNow in Secureframe. It can be used to prevent tasks prior to a certain date from being pulled into Secureframe.
  3. For each requirement category you wish to automate, specify one or more labels.
    • For each label, you can specify data for additional fields - these fields are defined in Secureframe and do NOT pull from ServiceNow.
      • SLA in days: You can assign an SLA to take advantage of Feature 2 mentioned above
        • Note: Secureframe will display failing tasks underneath tests when those tasks exceed specified label-SLA pairs. When these tasks are closed, the tests will revert to passing even though the SLAs were exceeded. Be mindful of this, as an auditor could bring this up during your audit.
      • Priority: You can specify the priority of the label.
      • Source/description: You can specify other details about the label. This field can be useful for giving auditors context on the label's purpose.
    • If you do not specify a label for a requirement category, the equivalent test called out underneath the requirement category will remain an upload.
  4. Example label setups/strategies for Vulnerability Tracking

Example 1: Tracking all medium+ vulnerabilities to resolution under a single label

| Label name | SLA in days | Priority | Source/Description |
|---|---|---|---|
| Vulnerability | 30 | Medium/CVSS 4.0+, High, Critical | Label for all medium+ vulnerability sources (internal, external, and ASV scans, penetration tests, bug bounty program) |

Example 2: Tracking all vulnerabilities to resolution under multiple labels, segmented by priority

| Label name | SLA in days | Priority | Source/Description |
|---|---|---|---|
| Vulnerability-low | 90 | Low | Label for all low severity vulnerabilities & sources |
| Vulnerability-medium | 60 | Medium | Label for all medium severity vulnerabilities & sources |
| Vulnerability-high | 45 | High | Label for all high severity vulnerabilities & sources |
| Vulnerability-critical | 30 | Critical | Label for all critical severity vulnerabilities & sources |

Example 3: Tracking all vulnerabilities to resolution under multiple labels, segmented by source

| Label name | SLA in days | Priority | Source/Description |
|---|---|---|---|
| ASV Scan Results | 30 | Medium/CVSS 4.0+, High, Critical | Label for vulnerabilities pertaining to PCI DSS-mandated ASV scans |
| Penetration Test Results | 30 | Medium/CVSS 4.0+, High, Critical | Label for vulnerabilities pertaining to penetration tests |
| Internal Vulnerability Scan Results | 30 | Medium/CVSS 4.0+, High, Critical | Label for vulnerabilities pertaining to internal vulnerability scans |
| External Vulnerability Scan Results | 30 | Medium/CVSS 4.0+, High, Critical | Label for vulnerabilities pertaining to external vulnerability scans |
| Bug Bounty Program | 30 | Medium/CVSS 4.0+, High, Critical | Label for vulnerabilities pertaining to bug bounty programs |
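
The note under "SLA in days" says a test reverts to passing once a late task is closed. The sketch below is an added example, not Secureframe or ServiceNow code: it applies the Example 2 label-SLA pairs to constructed task records and separates tasks that are open past their SLA from tasks that were closed late, so you can review the latter before an audit. The record field names and the assumption that the Testing Start Date is compared against a task's opened date are hypothetical.

```python
from datetime import date

# Label-SLA pairs from Example 2 above (SLA in days).
LABEL_SLA_DAYS = {
    "Vulnerability-low": 90,
    "Vulnerability-medium": 60,
    "Vulnerability-high": 45,
    "Vulnerability-critical": 30,
}

# Constructed sample tasks; field names are hypothetical, not ServiceNow's schema.
TASKS = [
    {"id": "T1", "label": "Vulnerability-critical", "opened": date(2024, 9, 1), "closed": None},
    {"id": "T2", "label": "Vulnerability-high", "opened": date(2024, 8, 1), "closed": date(2024, 9, 30)},
    {"id": "T3", "label": "Vulnerability-low", "opened": date(2024, 9, 10), "closed": None},
    {"id": "T4", "label": "Vulnerability-medium", "opened": date(2024, 6, 1), "closed": date(2024, 6, 20)},
    {"id": "T5", "label": "Vulnerability-critical", "opened": date(2024, 5, 1), "closed": None},
    {"id": "T6", "label": "Unrelated", "opened": date(2024, 9, 1), "closed": None},
]


def sla_report(tasks, label_sla, testing_start, today):
    """Sort in-scope tasks into open_breach, closed_late, or ok."""
    report = {"open_breach": [], "closed_late": [], "ok": []}
    for task in tasks:
        sla = label_sla.get(task["label"])
        # Skip tasks without a configured label, and (assumption) tasks
        # opened before the Testing Start Date.
        if sla is None or task["opened"] < testing_start:
            continue
        end = task["closed"] or today
        days_over = max((end - task["opened"]).days - sla, 0)
        if days_over == 0:
            bucket = "ok"
        elif task["closed"] is None:
            bucket = "open_breach"  # still open past its SLA: shown as failing
        else:
            bucket = "closed_late"  # closed, test passes again, SLA was exceeded
        report[bucket].append((task["id"], task["label"], days_over))
    return report


if __name__ == "__main__":
    result = sla_report(TASKS, LABEL_SLA_DAYS, date(2024, 7, 1), date(2024, 10, 15))
    for bucket, rows in result.items():
        print(bucket, rows)
```

The closed_late bucket is the set an auditor could still ask about, even though the corresponding test shows as passing.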

API permissions

We request the following permissions when you connect to ServiceNow. No additional permissions are needed to opt into task tracking.

Permissions, Fields Pulled, Controls, and Automated Tests

  1. Click the provided link or navigate to the “Integration” page.
  2. Select the “Available” tab.
  3. Search for the integration.
  4. Click “View Details”.
