Begin Scanning a ServiceNow App

To begin scanning a ServiceNow app:
  1. Register Prisma SaaS in the ServiceNow management console.
    1. Log in to the ServiceNow management console as admin.
    2. Select
      System OAuth
      Application Registry
      .
    3. Select
      New
      Create an OAuth API endpoint for external clients
      .
    4. Enter a unique
      Name
      for Prisma SaaS.
    5. If you are using the Istanbul (or higher) release, enter a
      Redirect URI/URL
      . The redirect you enter depends on the Prisma SaaS location:
      For North America, use:
      https://app.aperture.paloaltonetworks.com/auth/servicenow/callback
      For Europe, use:
      https://app.aperture-eu.paloaltonetworks.com/auth/servicenow/callback
      For Asia-Pacific, use:
      https://app.aperture-apac.paloaltonetworks.com/auth/servicenow/callback
    6. Submit
      your changes.
  2. Add the ServiceNow app on Prisma SaaS.
    1. From the Prisma SaaS
      Dashboard
      , click
      Add a Cloud App
      , and select
      ServiceNow
      .
      service-now-tile-frame.png
    2. Select one of the following:
      • Connect to ServiceNow Account
        —Select this option if you’re using an earlier release of ServiceNow (Fuji, Geneva, or Helsinki).
      • Istanbul or higher
        —Select this option is you are using the ServiceNow Istanbul (or higher) release.
    3. Log in to the ServiceNow app.
      • For Istanbul or higher, enter the
        ServiceNow URL
        (for example,
        https://acmecorp.service-now.com/
        ),
        Client ID
        , and
        Client Secret
        .
      • For earlier releases (Fuji, Geneva, or Helsinki) enter the
        ServiceNow URL
        (for example,
        https://acmecorp.service-now.com/
        ),
        Client ID
        , and
        Client Secret
        . Also, enter the
        Username
        and
        Password
        for your ServiceNow account.
      You can copy the client ID and client secret from the
      System OAuth
      Application Registry
      page in the ServiceNow management console.
    4. Click
      OK
      .
    5. Allow
      Prisma SaaS access to the ServiceNow account.
      After authentication, the new ServiceNow app is added to the list of Cloud Apps as ServiceNow 
      n,
      where
      n
      represents the number of ServiceNow app instances you have connected to Prisma SaaS. The instance displays a list of available tables but if you need to add any additional tables, contact Palo Alto Networks Customer Support.
  3. (Optional)
    Give a descriptive name to this app instance and specify additional app settings.
    1. Go to
      Settings
      and select the ServiceNow 
      n
      instance listed.
    2. Enter a descriptive
      Name
      to differentiate this instance of ServiceNow from other instances.
    3. Enter an
      Admin UserName
      (for example,
      admin@servicenow.com
      ).
      As a best practice, create a separate administrator account and use that email address for Prisma SaaS. If you opt to use an existing admin account instead of a new account, the administrator activities are not tracked on Prisma SaaS. Creating a separate account enables you to monitor events generated by ServiceNow administrators on
      Explore
      Activities
      .
    4. Click
      Done
      to save your changes.
  4. Add policy rules.
    When you add a new cloud app, Prisma SaaS automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want toAdd a New Asset Rule to look for incidents unique to ServiceNow.
  5. Configure or edit a data pattern.
    You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
  6. Start scanning ServiceNow for possible policy violations or data exposure.
    1. Select
      Settings
      Cloud Apps & Scan Settings
      .
    2. In the Cloud Apps row that corresponds to the ServiceNow app you just added, select
      Actions
      Start Scanning
      .
      Prisma SaaS scans files and matches them against enabled policy rules, to verify that your policy rules are effective. Depending on the number of ServiceNow users and assets, it may take some time for Prisma SaaS to complete the process. However, you can Monitor Scan Results on the Dashboard and begin to Assess Incidents. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.

Recommended For You