How do I setup integration with ServiceNow?

Holm Security offers the possibility to integrate and send tickets directly into ServiceNow. This allows for quicker and easier management of your vulnerabilities. The ticket status will be updated automatically in ServiceNow.

Integration setup

In order to integrate Holm Security with ServiceNow, follow the steps below.

  1. Login to Security Center.
  2. Click on the Menu Icon in the top right corner.
  3. Click Integrations > Remediation > ServiceNow.
  4. Enable ServiceNow by checking the checkbox.
  5. Enter your ServiceNow cloud credentials:
    • Username
    • Password
    • URL
    • Ticket naming
  6. Click Establish connection.
    Once connected two drop downs will appear allowing you to connect the integration with "Table" and "Assignment group".
    Note: Currently you can choose between two tables, Ticket or Incident tables. When a ticket/incident is created, it will be automatically be assigned to the chosen assignment group.
  7. Click OK
  8. Done!

Note: Turn on the notifications for ServiceNow in Remediation > Setup > Enable ServiceNow notifications

Ticket status update

Task status is being automatically synchronized with Vulnerability Manager and the remediation module - it means, that if our scanner will detect, that vulnerability no longer exists, it will close the ticket (with status fixed) in Remediation module and also will close the ticket in ServiceNow.

Example scenario:

  1. Scanner detected vulnerability which was reported in Vulnerability Manager.
  2. Security engineer verified the vulnerability and created a ticket from Security Center level (tickets can also be created automatically based on policy rules without any human interactions, read more about it in this article: How do I create a remediation policy? - tickets are being created both in Remediation module and in ServiceNow including all necessary descriptions.
  3. Responsible person remediate the vulnerability.
  4. Customer rerun the scan (scans can also run automatically if there is an active schedule setup).
  5. The scanner is verifying whether the previously defined vulnerability still exists - if not, the task is being closed both in the ServiceNow system and remediation module.
Have more questions? Submit a request


Please sign in to leave a comment.