Skip to main content
Sign Up

Integrate a new ServiceNow source

Setting up and configuring this integration is limited to users with an Owner or Manager access level. ServiceNow installation is only open to workspaces under the Business plan, but uninstallation is open to all. Alternatively, you can install and test secret detection in ServiceNow with a 30-day trial. Any secret incidents created during this period will remain accessible in your incident dashboard after the trial period.

GitGuardian integrates natively with ServiceNow via a dedicated User that you can create from your ServiceNow instance. Note that GitGuardian only has read access to your tables.

Setup your ServiceNow integration

You can install GitGuardian on multiple ServiceNow instances to monitor your tables.

1. Create a new user

  1. Login to your ServiceNow instance
  2. Go to Organization > Users and click on New to create the new user required for authentication ServiceNow Create New User
  3. Set a User ID (e.g.: GitGuardian) and click Submit to create it ServiceNow GitGuardian User

2. Give the required roles to the user

  1. Click on the User ID (e.g.: GitGuardian) to edit it and add the required roles
  2. Go to the Roles tab and click Edit...ServiceNow Edit User
  3. Add the following roles and click Save:
    • admin
    • snc_read_only The admin role will give the user access to all tables, while the snc_read_only role will restrict access to read-only. ServiceNow Edit User
  4. Click Update to validate the roles added to the user ServiceNow Validate User Edition

3. Set a password to the user

  1. Click on the User ID (e.g.: GitGuardian) to edit it and set a password
  2. Click on Set Password
  3. Click on Generate and copy the password
  4. Save by clicking on Save Password and Close
  5. Uncheck Password needs reset option and click UpdateServiceNow Set Password User

4. Finalize the configuration in GitGuardian

  1. In the GitGuardian platform, navigate to the Sources integration page
  2. Click on the Install button next to ServiceNow in the Ticketing section ServiceNow install
  3. Click on the Install button of the ServiceNow integration page
  4. Paste your ServiceNow instance URL in the API endpoint URL field (e.g.: https://acme.service-now.com/)
  5. Paste the newly created Username (e.g.: GitGuardian), its associated Password, and click AddServiceNow integration

That's it! Your ServiceNow instance is installed and we are now monitoring all records of your tables for secrets.

Uninstall your ServiceNow instance

To uninstall a ServiceNow instance:

  1. In the GitGuardian platform, navigate to the Sources integration page
  2. Click on the Edit button next to ServiceNow in the Ticketing section
  3. Click on the bin icon next to the ServiceNow instance to be uninstalled
  4. Confirm by clicking on the Yes, uninstall button in the confirmation modal ServiceNow uninstall

That's it! Your ServiceNow instance is now uninstalled.

Limitations

This integration is currently available in beta and has a number of limitations:

  • Scan Frequency: A scan is performed every hour. It may take several minutes to detect a newly leaked secret.
    On GitGuardian Self-Hosted instance, the frequency of scanning can be configured from the Admin Area.
    • Time interval unit is: second
    • Default value is: 3600 (1 hour)
    • Minimum value is: 1800 (30 min)
  • Monitored Perimeter: Customization of the monitored perimeter is not supported. All tables are monitored by default.
  • Team Perimeter: Customization of a team perimeter with ServiceNow tables is not supported. Users must be part of the All-incidents team to view and access secret incidents related to ServiceNow.
  • Source Visibility: The visibility of tables is not determined. All tables are considered private in both the UI and API.
  • Presence Check: The presence check feature is not supported. All occurrences are considered present in both the UI and API.
  • File Attachments: File attachments are not scanned.
  • Occurrence Previews: Previews of occurrences are not supported.

Privacy

Country-specific laws and regulations may require you to inform your users that your tables are being scanned for secrets. Here is a suggestion for a message you may want to use:

As part of our internal information security process, the company scans its tables for potential secrets leaks using GitGuardian. All data collected will be processed for the purpose of detecting potential leaks. To find out more about how we manage your personal data and to exercise your rights, please refer to our employee/partner privacy notice. Please note that only tables relating to the company’s activity and business may be monitored and that users shall refrain from sharing personal or sensitive data not relevant to the table’s purpose.

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status