ServiceNow
The ServiceNow integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated ServiceNow instance that could leave you and your organization vulnerable.
adminaccess to a ServiceNow instance- Ability to create an OAuth API endpoint for external clients
For the ServiceNow integration to function, Cloudflare CASB requires the following permissions:
Globalapplication scope
These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission, refer to the ServiceNow Application scope documentation.
The ServiceNow integration currently scans for the following findings, or security risks. Findings are grouped by category and then ordered by severity level.
To stay up-to-date with new CASB findings as they are added, bookmark this page or subscribe to its RSS feed.
Identify security risks related to the ServiceNow instance itself.
| Finding | Severity |
|---|---|
| ServiceNow Production Instance with exposed admin credentials | Critical |
| ServiceNow Production Instance with exposed database user credentials | High |
| ServiceNow Instance with exposed admin credentials | High |
| ServiceNow Instance with exposed database user credentials | Medium |
Flag user-related security risks and misconfigurations.
| Finding | Severity |
|---|---|
| ServiceNow user with pending password reset | High |
| ServiceNow user with 3+ failed login attempts | Medium |
| ServiceNow user with locked account | Low |
| ServiceNow user without MFA enabled | Low |
| ServiceNow user with no assigned roles | Low |
| ServiceNow user inactive | Low |
| ServiceNow user without recent activity | Low |
Identify issues related to ServiceNow incidents.
| Finding | Severity |
|---|---|
| ServiceNow incident with no assigned user and High Priority | High |
| ServiceNow incident with no assigned user | Medium |
Highlight potential misconfigurations in ServiceNow knowledge articles.
| Finding | Severity |
|---|---|
| ServiceNow knowledge article without expiration date | Low |
| ServiceNow knowledge article without any roles | Low |
| ServiceNow knowledge article with flagged status | Low |
Detect issues related to ServiceNow integrations and access controls.
| Finding | Severity |
|---|---|
| ServiceNow Internal Integration user | Low |
| ServiceNow Web Service Access only user | Low |