Before You Begin

Complete the following steps before you use the Tenable for ServiceNow application.

Configure ServiceNow Applications

Tenable recommends that you work with your internal ServiceNow Administrator or ServiceNow Consultant to help set up the applications, and that you follow ServiceNow’s development process, which uses a development > test > production model:

  • Install your development instance and tune as necessary.
  • Create any modifications using update sets.
  • Install the applications on a test environment and promote those update set changes for quality assurance in your test environment.
  • Once approved in your test environment, install the Tenable applications on a production environment and apply the update sets.

Note: You need unique credentials for each ServiceNow environment.

Configure ServiceNow MID Server

The ServiceNow MID Server application facilitates communication and movement of data between the platform and external applications, data sources, and services. There can be several MID servers in an environment with some dedicated to development or testing, and others dedicated to production. If your Tenable Security Center or OT Security resides behind a firewall on your internal network, you must use the MID server to access its data.

ServiceNow Scoped Application

Application scoping protects applications by identifying and restricting access to application files and data. For more information, see the Application Scope section in the ServiceNow documentation.

Enabling the Application picker under the developer tab in the ServiceNow user interface configuration menu simplifies the Tenable for ServiceNow application configuration.

Tenable requires creating individual ServiceNow users in Tenable Vulnerability Management/Tenable Security Center/OT Security for each of your ServiceNow instances. This helps prevent rate limiting, data collision, etc.

Examples:

  • sn_dev
  • sn_test
  • sn_prod

By segmenting the users, you can also limit the amount of data used in your development and test environments.

In Tenable Vulnerability Management, you can set up an Access Group and limit the data to specific assets to simplify the import and testing of data.

Note: Tenable is converting all access groups into permission configurations. For more information, see Access Groups and Permissions in the Tenable Vulnerability Management User Guide.

In Tenable Security Center, you can create a query that limits the data presented to the development and test users. To determine the best dataset to use for your development and test environments, speak with your Tenable administrator. They can also help you ensure ServiceNow displays the best data by setting up appropriate scan cadences.

In OT Security, you can create users by navigating to Local Settings > Users and Roles > Local Users > Add User.

Generate Tenable Vulnerability Management API Keys

To generate unique API keys to integrate ServiceNow with Tenable Vulnerability Management:

  1. Log in to Tenable Vulnerability Management.
  2. Create administrator accounts (for example, development, test, production) dedicated for use with ServiceNow. ServiceNow uses these accounts to connect to Tenable Vulnerability Management to retrieve asset data.
  3. Generate API keys and save them for use with ServiceNow.

    Note: For your Tenable Vulnerability Management integration:

    • Generate an API key in Tenable Vulnerability Management to complete the configuration. See the Tenable Vulnerability Management user guide for instructions on how to generate an API key. (Do not use this API key for any other third-party or custom-built application or integration. It must be unique for each installed instance of the integration.)
  4. Navigate to Settings > Access Groups.
  5. Click the All Assets group.
  6. Do one of the following:
    • If the All Users toggle is enabled, do nothing.
    • If the All Users toggle is disabled:
      1. Click the + button.
      2. Add the ServiceNow users you created in step 2.

Generate Tenable Security Center API Keys

Create unique API keys to integrate Tenable Security Center with ServiceNow:

  1. Log in to Tenable Security Center.
  2. Create security manager accounts or security analyst accounts (for example, development, test, production) with full access, dedicated for use with ServiceNow. ServiceNow uses these accounts to connect to Tenable Security Center to retrieve data and kick off remediation scans.
  3. Generate API keys and save them for use with ServiceNow.

In OT Security, you can create API keys by navigating to Local Settings > System Configuration > API Keys > Generate Key.
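
The requirement above, one Tenable user and one API key per ServiceNow instance and no reuse by any other integration, can be checked before the keys are entered into ServiceNow. The following is an added example, not code from Tenable or ServiceNow; the inventory format, the consumer names, and the placeholder key strings are constructed for illustration (the account names sn_dev, sn_test, and sn_prod are the page's own examples).

```python
import hashlib
from collections import defaultdict

# Constructed inventory: which integration holds which Tenable user and access key.
# The key strings are placeholders, not real API keys.
INVENTORY = [
    {"consumer": "servicenow-dev", "tenable_user": "sn_dev", "access_key": "AK-DEV-PLACEHOLDER"},
    {"consumer": "servicenow-test", "tenable_user": "sn_test", "access_key": "AK-TEST-PLACEHOLDER"},
    {"consumer": "servicenow-prod", "tenable_user": "sn_prod", "access_key": "AK-PROD-PLACEHOLDER"},
    # Violation: a custom script reuses the production ServiceNow account and key.
    {"consumer": "custom-report-script", "tenable_user": "sn_prod", "access_key": "AK-PROD-PLACEHOLDER"},
]


def fingerprint(key):
    """Short SHA-256 fingerprint, so findings never echo the key itself."""
    return hashlib.sha256(key.encode()).hexdigest()[:12]


def audit(inventory):
    """Return findings where a Tenable user or API key is shared between consumers."""
    by_user, by_key = defaultdict(set), defaultdict(set)
    for row in inventory:
        by_user[row["tenable_user"]].add(row["consumer"])
        by_key[fingerprint(row["access_key"])].add(row["consumer"])
    findings = []
    for user, consumers in sorted(by_user.items()):
        if len(consumers) > 1:
            findings.append(("shared-user", user, sorted(consumers)))
    for fp, consumers in sorted(by_key.items()):
        if len(consumers) > 1:
            findings.append(("shared-key", fp, sorted(consumers)))
    return findings


if __name__ == "__main__":
    for kind, ident, consumers in audit(INVENTORY):
        print(f"{kind}: {ident} used by {', '.join(consumers)}")
```
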