Skip to main content

Integrate a new ServiceNow source

Setting up and configuring this integration is limited to users with an Owner or Manager access level. ServiceNow installation is only open to workspaces under the Business plan. However, you can install and test secret detection in ServiceNow with a 30-day trial. Any secret incidents detected during the trial will remain accessible in your incident dashboard.

GitGuardian integrates natively with ServiceNow via a dedicated User that you can create from your ServiceNow instance. Note that GitGuardian only has read access to your tables.

Setup your ServiceNow integration

You can install GitGuardian on multiple ServiceNow instances to monitor your tables.

1. Create a new user

  1. Login to your ServiceNow instance
  2. Go to Organization > Users and click New to create the new user required for authentication ServiceNow Create New User
  3. Set a User ID (e.g.: GitGuardian) and click Submit to create it ServiceNow GitGuardian User

2. Give the required roles to the user

  1. Click on the User ID (e.g.: GitGuardian) to edit it and add the required roles
  2. Go to the Roles tab and click Edit... ServiceNow Edit User
  3. Add the following roles and click Save:
    • admin
    • snc_read_only The admin role will give the user access to all tables, while the snc_read_only role will restrict access to read-only. ServiceNow Edit User
  4. Click Update to validate the roles added to the user ServiceNow Validate User Edition

3. Set a password to the user

  1. Click on the User ID (e.g.: GitGuardian) to edit it and set a password
  2. Click Set Password
  3. Click Generate and copy the password
  4. Save by clicking Save Password and Close
  5. Uncheck Password needs reset option and click Update ServiceNow Set Password User

4. Finalize the configuration in GitGuardian

  1. In the GitGuardian platform, navigate to the Sources integration page
  2. Click Install next to ServiceNow in the Ticketing section ServiceNow install
  3. Click Install on the ServiceNow integration page
  4. Paste your ServiceNow instance URL in the API endpoint URL field (e.g.: https://acme.service-now.com/)
  5. Paste the newly created Username (e.g.: GitGuardian), its associated Password, and click Add ServiceNow integration

That's it! Your ServiceNow instance is now installed, and GitGuardian is monitoring all records of your tables for secrets.

Uninstall your ServiceNow instance

To uninstall a ServiceNow instance:

  1. In the GitGuardian platform, navigate to the Sources integration page
  2. Click Edit next to ServiceNow in the Ticketing section
  3. Click the bin icon next to the ServiceNow instance to uninstall
  4. Confirm by clicking Yes, uninstall in the confirmation modal ServiceNow uninstall

That's it! Your ServiceNow instance is now uninstalled.

Limitations

This integration is currently in beta and has the following limitations:

  • Scan Frequency: Scans occur once an hour. It may take several minutes to detect newly leaked secrets.
    For GitGuardian Self-Hosted instances, scan frequency can be configured in the Admin Area.
    • Time interval unit: seconds
    • Default value: 3600 (1 hour)
    • Minimum value: 1800 (30 minutes)
  • Monitored Perimeter: Customization of the monitored perimeter is not supported. All tables are monitored by default.
  • Team Perimeter: Customization of a team perimeter with ServiceNow tables is not supported. Users must be in All-incidents team to view and access ServiceNow incidents.
  • Source Visibility: The visibility of tables is not determined. All tables are considered private in both the UI and API.
  • Presence Check: The presence check feature is not supported. All occurrences are considered present in both the UI and API.
  • File Attachments: File attachments are not scanned.
  • Occurrence Previews: Previews of occurrences are not supported.

Privacy

Country-specific laws and regulations may require you to inform your users that your tables are being scanned for secrets. Here is a suggestion for a message you may want to use:

As part of our internal information security process, the company scans its tables for potential secrets leaks using GitGuardian. All data collected will be processed for the purpose of detecting potential leaks. To find out more about how we manage your personal data and to exercise your rights, please refer to our employee/partner privacy notice. Please note that only tables relating to the company’s activity and business may be monitored and that users shall refrain from sharing personal or sensitive data not relevant to the table’s purpose.

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status