Externe Dienste
Usage with ServiceNow®
Note To initially connect SINEC Security Guard and ServiceNow®, contact the Siemens Service desk.
This section describes the effects of using SINEC Security Guard in combination with ServiceNow®. The usage of ServiceNow® is not described in this document; for more on the usage of ServiceNow®, consult the documentation of this product or other sources.
Effects on task availability in ServiceNow®
After publishing tasks to ServiceNow®, it may take up to 24 hours until the published tasks are available in ServiceNow®. 'Task definition' provides a task availability indicator that shows if SINEC Security Guard received information about the arrival of the vulnerabilities' tasks (1), (2); 'Task management' will indicate in similar ways per asset (4), (5). When the tasks became published to ServiceNow®, SINEC Security Guard offers a direct link to the vulnerability or task in ServiceNow® (3), (6).
| Number | Description |
|---|---|
| ① | Indication of transfer to ServiceNow® currently in progress |
| ② | Indication of successful transfer to ServiceNow® |
| ③ | Direct link to all tasks of the current vulnerability in ServiceNow® |
| ④ | Indication of transfer to ServiceNow® currently in progress |
| ⑤ | Indication of successful transfer to ServiceNow® |
| ⑥ | Direct link to one specific task in ServiceNow® |
Effects on Task definition
The definition of tasks remains as described in Task definition mostly remains untouched.
Differences are:
- The button 'Set vulnerability to managed' is replaced by 'Publish to ServiceNow®' (1), (2). When using this button and approving the dialogue, the tasks for the current vulnerability become transferred to ServiceNow® and these effects will take place:
- No further tasks can be defined for this vulnerability. So the tasks should only be published when the set of tasks is complete and correct.
- Updates on published tasks between SINEC Security Guard and ServiceNow® (e.g. changes on Risk level or on tasks' descriptions) are not possible in any direction; now the tasks have to be handled exclusively in ServiceNow® or affiliated tools.
- These buttons and functionalities are not available: 'Re-open vulnerability', 'Undo', 'Mark as implemented'.
- The task availability indicator provides a direct link into ServiceNow® which shows the tasks of that vulnerability.
| Number | Description |
|---|---|
| ① | Button to publish the defined tasks to ServiceNow® - disabled, as no tasks are defined |
| ② | Button to publish the defined tasks to ServiceNow® - enabled, as tasks have been defined |
Effects on Risk level
Vulnerabilities keep being handled by SINEC Security Guard. E.g. when changing the Business criticality of a zone, the Risk level of the vulnerabilities of the zone's assets may change, too. Such an updated Risk level will be indicated in SINEC Security Guard. ServiceNow® will not receive such updates on the Risk level.
SINEC Security Guard and ServiceNow® use different ratings for Risk level:
| Risk level of SINEC Security Guard | Risk level of ServiceNow® |
|---|---|
| Critical | 100 |
| High | 89 |
| Medium | 69 |
| Low | 39 |
| Undefined | 0 |
Effects on Task management
The built-in Task management section in SINEC Security Guard remains available with limited capabilities.
- It shows the tasks that had been published to ServiceNow®, as long as their vulnerability is not found to be fixed completely. As soon as an inventory update indicates a former vulnerability as fixed, all related tasks will be removed from the built-in Task management section in SINEC Security Guard.
- SINEC Security Guard does not provide ways to change something on already publishd tasks, like their content, parameters (e.g. Risk level) and/or status'; and it cannot display any changes which may be performed in ServiceNow® or other tools.
- Per task there is an indication whether the task is not or is already available in ServiceNow® (1), (2). If it is available, a link (3) is shown that leads directly to the task in ServiceNow®.
| Number | Description |
|---|---|
| ① | Indication of transfer to ServiceNow® currently in progress |
| ② | Indication of successful transfer to ServiceNow® |
| ③ | Direct link to one specific task in ServiceNow® |