Begin Scanning a ServiceNow App
To begin scanning a ServiceNow app:
- Register the Aperture Service in the ServiceNow
- Log in to the ServiceNow management console as admin.
- Select System OAuthApplication Registry.
- Select NewCreate an OAuth API endpoint for external clients.
- Enter a unique Name for the Aperture service.
- If you are using the Istanbul (or higher) release,
enter a Redirect URI/URL. The redirect you
enter depends on your Aperture service location:For North America, use:
https://app.aperture.paloaltonetworks.com/auth/servicenow/callbackFor Europe, use:
https://app.aperture-eu.paloaltonetworks.com/auth/servicenow/callbackFor Asia-Pacific, use:
- Submit your changes.
- Add the ServiceNow app.
- From the Aperture Dashboard, Add a Cloud App.
- Select ServiceNow.
- Select one of the following:
- Connect to ServiceNow Account—Select this option if you’re using an earlier release of ServiceNow (Fuji, Geneva, or Helsinki).
- Istanbul or higher—Select this option is you are using the ServiceNow Istanbul (or higher) release.
- Log in to the ServiceNow app.
You can copy the client ID and client secret from the System OAuthApplication Registry page in the ServiceNow management console.
- For Istanbul or higher, enter the ServiceNow URL (for example, https://acmecorp.service-now.com/), Client ID, and Client Secret.
- For earlier releases (Fuji, Geneva, or Helsinki) enter the ServiceNow URL (for example, https://acmecorp.service-now.com/), Client ID, and Client Secret. Also, enter the Username and Password for your ServiceNow account.
- Click OK.
- Allow Aperture to access your
ServiceNow account.Upon successful authentication using an account with the appropriate privileges, the new ServiceNow app is added to the list of Cloud Apps as ServiceNow n, where n is the number of ServiceNow app instances you have connected to the Aperture service. For example, if this is the second ServiceNow app you have added to the Aperture service, the name displays as ServiceNow 2.The ServiceNow app instance displays a list of available tables and you can contact Palo Alto Networks Customer Support to add any additional ServiceNow tables to the Aperture service.
- Give a descriptive name to this app instance and specify
additional app settings.
- Select the ServiceNow n link on the Cloud Apps list.
- (Optional) Enter a descriptive Name to differentiate this instance of ServiceNow from other instances you are securing.
- Enter an Admin UserName (for
example, firstname.lastname@example.org).As a best practice, create a separate administrator account and use that email address on the Aperture service. If you opt to use an existing admin account instead of using a new account just for the Aperture service, the activities of the administrator whose email address you enter here are not tracked on the Aperture service. Creating a separate account enables you to monitor events generated by actual ServiceNow administrators on ExploreActivities without missing events associated with the admin account you provide here.
- By default, the Aperture service displays a list of tables retrieved from ServiceNow.
- Click Done to save your changes.
- Define global scan settings.
- Add policy rules.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want toAdd a New Policy Rule for Content to look for risks unique to the new app.
- (Optional) Configure or edit a data pattern.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
- Start scanning the new app for risks.
- Select SettingsCloud Apps & Scan Settings.
- In the Cloud Apps row that corresponds to the new
ServiceNow app you just added, select ActionsStart Scanning.The status changes to Scanning. The Aperture service starts scanning all assets in the associated ServiceNow app and begins identifying incidents. Depending on the number of ServiceNow users and assets, it may take some time for the Aperture service to complete the process of discovering all assets and users. However, as soon as you begin to see this information populating in the Aperture web interface, you can begin to Assess Incidents.
- Monitor the results of the scan.As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective.Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Begin Scanning a Jive App
Begin Scanning a Jive App To begin scanning a Jive app: Add the Jive app. From the Aperture Dashboard , Add a Cloud App . ...
Begin Scanning a Microsoft Exchange App
Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app. ...
Begin Scanning a Confluence App
Begin Scanning a Confluence App Before you can begin scanning a Confluence app, you must configure the application links required for authentication and communication between ...
Begin Scanning a Box App
Begin Scanning a Box App If you plan to Begin Selective Scanning Using Azure Active Directory Groups Add your Azure Active Directory to Aperture to ...
Add Cloud Apps to the Aperture Service
Add Cloud Apps to the Aperture Service To begin securing the Supported SaaS Applications The Aperture service provides a consistent security policy for your SaaS ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
Begin Scanning Microsoft Office 365 Apps
Begin Scanning Microsoft Office 365 Apps To begin scanning Microsoft Office 365 apps: Add company.onmicrosoft.com as an internal domain. See Define Your Internal Domains Add ...
Begin Scanning Citrix ShareFile Apps
Begin Scanning Citrix ShareFile Apps To begin scanning Citrix ShareFile apps: Add your Citrix fileshare domain(s) as an internal domain on the Aperture service. . ...
Begin Scanning Dropbox, GitHub, or Yammer
Begin Scanning Dropbox, GitHub, or Yammer Use the following procedure to add Dropbox, GitHub, or Yammer as a monitored cloud application on the Aperture service. ...