This guide provides instructions for integrating the Bitsight Security Ratings Platform and the Bitsight for Security Incident Response application by ServiceNow.
Requirements
- A supported version of ServiceNow.
- The Bitsight for Security Incident Response solution.
Instructions
- Go to the Bitsight platform and retrieve your Bitsight API token.
Use a Company API token to prevent existing integrations from breaking if certain user accounts are deleted.
- In the Bitsight for Security Incident Response application, assign a
x_bisit_secops_int.bitsight_secops_admin
role to a user. - As an admin user, go to the Application Configuration module.
- Enter your Bitsight API token to the “API Token” field.
- Check if the API token is set correctly by selecting the Test API Connection button. See testing the configuration.
- Select the Company GUID button to automatically populate your company’s unique identifier.
- Configure the max age of observations to import from the Bitsight platform. This is also for triggering security incidents and tasks.
- Configure whether security incidents are to be created from observations.
- Configure whether Bitsight Secops Tasks are to be created from observations.
- Configure the max retention age of observations. Leave as
0
to prevent cleanup.
- Go to the “Observations Import Schedules” page.
- Open Bitsight Observations Import record.
- Set the import time as desired (recommended daily).
- Set the correct “Run As” user (existing active user with
x_bisit_secops_int.bitsight_secops_admin
role).Leaving this blank will result in a failure during the creation of Security Incidents from Business rules.
- October 25, 2021: Separated Testing the Configuration section to its own page.
- November 11, 2019: Published.
Feedback
0 comments
Please sign in to leave a comment.