Begin Scanning a ServiceNow App
To begin scanning a ServiceNow app:
- Register Prisma SaaS in the ServiceNow management console.
- Log in to the ServiceNow management console as admin.
- Select.System OAuthApplication Registry
- Select.NewCreate an OAuth API endpoint for external clients
- Enter a uniqueNamefor Prisma SaaS.
- If you are using the Istanbul (or higher) release, enter aRedirect URI/URL. The redirect you enter depends on the Prisma SaaS location:For North America, use:https://app.aperture.paloaltonetworks.com/auth/servicenow/callbackFor Europe, use:https://app.aperture-eu.paloaltonetworks.com/auth/servicenow/callbackFor Asia-Pacific, use:https://app.aperture-apac.paloaltonetworks.com/auth/servicenow/callback
- Submityour changes.
- Add the ServiceNow app on Prisma SaaS.
- From the Prisma SaaSDashboard, clickAdd a Cloud App, and selectServiceNow.
- Select one of the following:
- Connect to ServiceNow Account—Select this option if you’re using an earlier release of ServiceNow (Fuji, Geneva, or Helsinki).
- Istanbul or higher—Select this option is you are using the ServiceNow Istanbul (or higher) release.
- Log in to the ServiceNow app.
You can copy the client ID and client secret from thepage in the ServiceNow management console.System OAuthApplication Registry
- For Istanbul or higher, enter theServiceNow URL(for example,https://acmecorp.service-now.com/),Client ID, andClient Secret.
- For earlier releases (Fuji, Geneva, or Helsinki) enter theServiceNow URL(for example,https://acmecorp.service-now.com/),Client ID, andClient Secret. Also, enter theUsernameandPasswordfor your ServiceNow account.
- AllowPrisma SaaS access to the ServiceNow account.After authentication, the new ServiceNow app is added to the list of Cloud Apps as ServiceNown,wherenrepresents the number of ServiceNow app instances you have connected to Prisma SaaS. The instance displays a list of available tables but if you need to add any additional tables, contact Palo Alto Networks Customer Support.
- (Optional)Give a descriptive name to this app instance and specify additional app settings.
- Go toSettingsand select the ServiceNowninstance listed.
- Enter a descriptiveNameto differentiate this instance of ServiceNow from other instances.
- Enter anAdmin UserName(for example,firstname.lastname@example.org).As a best practice, create a separate administrator account and use that email address for Prisma SaaS. If you opt to use an existing admin account instead of a new account, the administrator activities are not tracked on Prisma SaaS. Creating a separate account enables you to monitor events generated by ServiceNow administrators on.ExploreActivities
- ClickDoneto save your changes.
- Add policy rules.When you add a new cloud app, Prisma SaaS automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want toAdd a New Asset Rule to look for incidents unique to ServiceNow.
- Configure or edit a data pattern.
- Start scanning ServiceNow for possible policy violations or data exposure.
- Select.SettingsCloud Apps & Scan Settings
- In the Cloud Apps row that corresponds to the ServiceNow app you just added, select.ActionsStart ScanningPrisma SaaS scans files and matches them against enabled policy rules, to verify that your policy rules are effective. Depending on the number of ServiceNow users and assets, it may take some time for Prisma SaaS to complete the process. However, you can Monitor Scan Results on the Dashboard and begin to Assess Incidents. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Recommended For You
Recommended videos not found.