SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Enterprise with ServiceNow

ServiceNow is an issue tracking system that helps organisations to manage issues. It also helps businesses prioritize and share tasks across departments. This means you can find precise indicators of problems to prevent issues, benchmark responses to responses, and predict future issues.

This topic explains how to configure Netsparker Enterprise to send a detected vulnerability to ServiceNow.

For further information, see What Systems Does Netsparker Integrate With?.

ServiceNow Fields

This table lists and explains the ServiceNow fields in the New ServiceNow Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown elsewhere.

Mandatory

This section contains fields that must be completed.

URL

This is the ServiceNow instance URL.

Username

This is the name of the user. If you are using a personal access token (see below), leave this field blank.

Password

This is the password that is used for the ServiceNow account.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Severity

This is the severity of the bug.

Category

This is the category in which to assign cases. The options are: Inquiry/Help, Software, Hardware, Network, and Database.

Caller ID

This is the ID of the person who reports the incident.

Due Days

This is the number of days from the date the issue was created to the date it’s due.

Assigned To ID

This is the ID of the user to whom the issue is assigned.

Custom Fields

This section contains user-defined custom fields.

New Custom Field

Click to create a new custom field.

Name

Enter a name for the new custom field.

Value

Enter a value for the new custom field.

Dropdown

Click the dropdown to change the input type. The options are:

  • Text
  • Password
  • Textarea
  • File upload

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

How to Integrate Netsparker Enterprise with ServiceNow

  1. Log in to Netsparker Enterprise.
  2. From the main menu, click Integrations, then New Integration.

  1. From the Issue Tracking Systems section, click ServiceNow. The New ServiceNow Integration window is displayed.

  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
    • URL (ServiceNow Server)
    • Username (The name must be unique)
    • Password
    • Title Format
  3. In the Optional section, complete as required.
  4. Click Create Sample Issue to confirm that Netsparker Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.

  1. In the confirmationmessage, click the Issue number link to open the issue in your default browser.
  2. If the ServiceNow integration is not configured correctly, Netsparker Enterprise will correctly route descriptive error messages to you. Here is a sample error message.

How to Export Reported Vulnerabilities to Projects in ServiceNow

There are several ways to send issues to ServiceNow with Netsparker Enterprise:

  • Once notifications have been configured, you can configure Netsparker Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues from the Issues window:
    • You must have Manage Issue permission.
    • From the main menu, click Issues, then All Issues. The Issues window is displayed.
    • Select one or more issues you want to send.
    • Click Send To, then ServiceNow.

    • A popup is displayed, with a link to the issue you have sent to ServiceNow. If there is an error, this information will be displayed instead.

  • You can send an issue from the Recent Scans window:
    • From the main menu, click Scans then Recent Scans.

    • Next to the relevant scan, click Report. The report is displayed.
    • Scroll down to the Technical Report section.
    • From the list of detected vulnerabilities, click to select an issue and display its details.

    • Click Send To, then ServiceNow

    • If you have previously submitted this vulnerability to ServiceNow, it will already be accessible. You cannot submit the same issue twice.
  • If you view opened problem logs in ServiceNow, they look like this.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO