Configure ServiceNow

Required User Role: Administrator

Before you create ServiceNow incidents within Tenable Vulnerability Management, you must configure your ServiceNow account.

Important! These steps are specific to configuring ServiceNow for use with Tenable Vulnerability Management mobilization and automatic incident creation functionality. These steps do not apply to any other ServiceNow integrations with Tenable products.

Prerequisites

Before you create ServiceNow incidents via Tenable products, you must:

  • Have a ServiceNow administrator user with the following roles:

    ServiceNow Permission

    		 Custom Context ServiceNow Documentation
    canvas_user

    Primarily associated with accessing and viewing Configurable Workspaces and pages built with UI Builder.

    This role provides the necessary permissions to render and interact with the visual structure (the "canvas") of the ServiceNow user interfaces.

    		 Document Intelligence Roles
    cmdb_inst_admin Grants administrative rights specifically for configuring and managing CMDB data integration processes. Exploring SGC Central
    connection_admin A specialized administrative role focused on managing the security and configuration of external system connections. Create a Connection Administrator

  • Perform the steps to configure ServiceNow for use with the Tenable One Platform.

Configure the Integration

Before you create an initiative, you must first configure a connection between ServiceNow and Tenable Vulnerability Management.

To configure ServiceNow to support ServiceNow incident creation in Tenable Vulnerability Management:

  1. In the left navigation, click Settings.

    The Settings page appears.

  2. Click the ServiceNow tile.  

    The ServiceNow connector page appears.

  3. Configure your ServiceNow credentials:

    4. Option Description
    Integration Name Choose your own ServiceNow integration name.
    ServiceNow Instance URL The unique web address for your organization's instance of ServiceNow, typically formatted as https://[your-company-name].service-now.com.
    User Name

    Your ServiceNow User ID.
    Password

    Your ServiceNow password associated with the User ID.

  4. To test the connection, click Connect.  

    Once Tenable validates the integration connectivity, a Connection was Successful notification appears.

  5. Configure the following default values for synchronizing ServiceNow Incident Priorities and Incident States:

    • Sync Incident Priorities

      1. Select one of the following:

        • Do Not Sync

        • Sync Using Custom Mapping — If you use a custom mapping, use the following guidelines:

          Finding SeverityServiceNow Incident Impact ServiceNow Incident UrgencyResulting ServiceNow PriorityCustomer Context

          Critical

          		HighHighP1 (Critical)Immediate, business-impacting risk. Typically requires emergency patching or immediate action.
          HighHighMediumP2 (High)Confirmed vulnerability with high CVSS/VPR; requires aggressive patching as per SLA.
          MediumMediumMediumP3 (Moderate)Standard vulnerability management queue. Addresses moderate risk findings.
          LowLowLowP4 (Low)Non-critical finding, typically addressed during regular maintenance cycles.
          InfoLowLowP5 (Informational)Excluded from most standard patching SLAs. For situational awareness or future planning.

    • Sync Incident State

      1. Select one of the following:

        • Do Not Sync

        • Sync Using Custom Mapping — If you use a custom mapping, use the following guidelines:

          Tenable Vulnerability Management Finding StateServiceNow Incident State
          New, Active, ResurfacedNew, In Progress
          Fixed

          Resolved, Closed

  6. Click Save.