External Services
Usage with ServiceNow®
Note To initially connect SINEC Security Guard and ServiceNow®, contact the Siemens Service desk.
This section describes the effects of using SINEC Security Guard in combination with ServiceNow®. The usage of ServiceNow® is not described in this document; for more on the usage of ServiceNow®, consult the documentation of that product or other sources.
Effects on Risk level
Vulnerabilities keep being handled by SINEC Security Guard. E.g. when changing the Business criticality of a zone, the Risk level of the vulnerabilities of the zone's assets may change, too. Such an updated Risk level will be indicated in SINEC Security Guard. ServiceNow® will not receive such updates on the Risk level.
This section describes the effects of using SINEC Security Guard in combination with ServiceNow®. The usage of ServiceNow® is not described in this document; for more on the usage of ServiceNow®, consult the documentation of this product or other sources.
| Risk level of SINEC Security Guard | Risk level of ServiceNow® |
|---|---|
| Critical | 100 |
| High | 89 |
| Medium | 69 |
| Low | 39 |
| Undefined | 0 |
After publishing tasks to ServiceNow®, it may take up to 24 hours until the published tasks are available in ServiceNow®. 'Task definition' provides a task availability indicator that shows if SINEC Security Guard received information about the arrival of the vulnerabilities' tasks (1), (2); 'Task management' will indicate in similar ways per asset (4), (5). When the tasks became published to ServiceNow®, SINEC Security Guard offers a direct link to the vulnerability or task in ServiceNow® (3), (6).
Effects on task availability in ServiceNow®
After publishing tasks to ServiceNow®, it may take up to 24 hours until the published tasks are available in ServiceNow®. 'Task definition' provides a task availability indicator that shows if SINEC Security Guard received information about the arrival of the vulnerabilities' tasks ①, ②; 'Task management' will indicate in similar ways per asset ④, ⑤. When the tasks became published to ServiceNow®, SINEC Security Guard offers a direct link to the vulnerability or task in ServiceNow® ③, ⑥.
| Number | Description |
|---|---|
| ① | Indication of transfer to ServiceNow® currently in progress |
| ② | Indication of successful transfer to ServiceNow® |
| ③ | Direct link to all tasks of the current vulnerability in ServiceNow® |
| ④ | Indication of transfer to ServiceNow® currently in progress |
| ⑤ | Indication of successful transfer to ServiceNow® |
| ⑥ | Direct link to one specific task in ServiceNow® |
Effects on Task definition
The definition of tasks remains as described in Threats and tasks mostly remains untouched.
Differences are:
- The button 'Set vulnerability to managed' is replaced by 'Publish to ServiceNow®' ①, ②. When using this button and approving the dialogue, the tasks for the current vulnerability become transferred to ServiceNow® and these effects will take place:
- No further tasks can be defined for this vulnerability. So the tasks should only be published when the set of tasks is complete and correct.
- Updates on published tasks between SINEC Security Guard and ServiceNow® (e.g. changes on Risk level or on tasks' descriptions) are not possible in any direction; now the tasks have to be handled exclusively in ServiceNow® or affiliated tools.
- These buttons and functionalities are not available: 'Re-open vulnerability', 'Undo', 'Mark as implemented'.
- The task availability indicator provides a direct link into ServiceNow® which shows the tasks of that vulnerability.
| Number | Description |
|---|---|
| ① | Button to publish the defined tasks to ServiceNow® - disabled, as no tasks are defined |
| ② | Button to publish the defined tasks to ServiceNow® - enabled, as tasks have been defined |
Effects on Task management
The built-in Task management section in SINEC Security Guard is not available.