Begin Scanning a ServiceNow App
Learn how to add a ServiceNow app so that SaaS Security API can protect your assets against data exfiltration and malware propagation.
To begin scanning a ServiceNow app:
- Register SaaS Security API in the ServiceNow management console.
- Log in to the ServiceNow management console as admin.
- Select.System OAuthApplication Registry
- Select.NewCreate an OAuth API endpoint for external clients
- Enter a uniqueNamefor SaaS Security API.
- If you are using the Istanbul (or higher) release, enter aRedirect URI/URL. The redirect you enter depends on the SaaS Security API location:For North America, use:https://app.aperture.paloaltonetworks.com/auth/servicenow/callbackFor Europe, use:https://app.aperture-eu.paloaltonetworks.com/auth/servicenow/callbackFor Asia-Pacific, use:https://app.aperture-apac.paloaltonetworks.com/auth/servicenow/callback
- Submityour changes.
- Add the ServiceNow app on SaaS Security API.
- From theDashboard, clickAdd a Cloud App, and selectServiceNow.
- Select one of the following:
- Connect to ServiceNow Account—Select this option if you’re using an earlier release of ServiceNow (Fuji, Geneva, or Helsinki).
- Istanbul or higher—Select this option is you are using the ServiceNow Istanbul (or higher) release.
- Log in to the ServiceNow app.
You can copy the client ID and client secret from thepage in the ServiceNow management console.System OAuthApplication Registry
- For Istanbul or higher, enter theServiceNow URL(for example,https://acmecorp.service-now.com/),Client ID, andClient Secret.
- For earlier releases (Fuji, Geneva, or Helsinki) enter theServiceNow URL(for example,https://acmecorp.service-now.com/),Client ID, andClient Secret. Also, enter theUsernameandPasswordfor your ServiceNow account.
- AllowSaaS Security API access to the ServiceNow account.After authentication, the new ServiceNow app is added to the list of Cloud Apps as ServiceNow n, where n represents the number of ServiceNow app instances you have connected to SaaS Security API. The instance displays a list of available tables but if you need to add any additional tables, contact Palo Alto Networks Customer Support.
- (Optional) Give a descriptive name to this app instance and specify additional app settings.
- Go toSettingsand select the ServiceNow n instance listed.
- Enter a descriptiveNameto differentiate this instance of ServiceNow from other instances.
- Enter anAdmin UserName(for example,email@example.com).As a best practice, create a separate administrator account and use that email address for SaaS Security API. If you opt to use an existing admin account instead of a new account, the administrator activities are not tracked on SaaS Security API. Creating a separate account enables you to monitor events generated by ServiceNow administrators on.ExploreActivities
- ClickDoneto save your changes.
- Add policy rules.When you add a new cloud app, SaaS Security API automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want toAdd a New Asset Rule to look for incidents unique to ServiceNow.
- Configure or edit a data pattern.
- Start scanning ServiceNow for possible policy violations or data exposure.
- Select.SettingsCloud Apps & Scan Settings
- In the Cloud Apps row that corresponds to the ServiceNow app you just added, select.ActionsStart ScanningSaaS Security API scans files and matches them against enabled policy rules, to verify that your policy rules are effective. Depending on the number of ServiceNow users and assets, it may take some time for SaaS Security API to complete the process. However, you can Monitor Scan Results on the Dashboard and begin to Assess Incidents. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Recommended For You
Recommended videos not found.