Bitsight for IT Service Management by ServiceNow: Integration Guide

The Bitsight for IT Service Management integration is certified by ServiceNow and is available in the ServiceNow App Store.

Version 1.0

Requirements

• Bitsight Security Ratings SPM App
• ServiceNow (Tokyo, San Diego, or Rome)
• The Incident plugin, which provides the base functionality for incident management. Included with the ServiceNow IT Service Management (ITSM) package.
  • If you have an ITSM package already in your instance, you do not need to install the plugin separately.
  • If you do not have an ITSM package, you will be asked to install the Incident plugin when installing Bitsight for IT Service Management.
• Bitsight for Security Performance Management Connector, which includes Bitsight for IT Service Management. This is automatically installed during the installation of dependent applications and all configurations are done through the dependent application; it does not require installation or configuration by the user.
• Required system table permissions: sys_import_set_row

Download and Installation

1. Download and Install the application, available in the ServiceNow App Store.
2. Copy and paste a Bitsight company API token to the “API Token” field to use it in the application. To ensure existing integrations do not break when certain user accounts are deleted, please use a company API token as opposed to a user API token. To generate a new API token, go to the Company API Token section of the Account page in the Bitsight platform. Remember, API tokens should be treated as a password. If you think your token might have been compromised, you can always generate a new one, which will invalidate the previous token. If the integration is failing, see troubleshooting for details.
3. Assign a ServiceNow Admin role (itsm_app_admin) to a user.
4. As a ServiceNow Admin, navigate to the Bitsight for ITSM Application Configuration module and set the following configurations:
   • Section 1:
     1. Set the API Token to the Bitsight API token. Select the Validate Token button to check if the API token is set correctly.
     2. Select the organization you would like to receive findings details for. Relationships are structured as a parent company and a subsidiary company (child). Subsidiaries are companies that are within the hierarchy of an organization. They are depicted in an organization’s Ratings Tree in the Bitsight platform.
   • Section 2:
     1. Configure the finding severity to filter the finding details.
     2. Configure the asset importance to filter the finding details.
     3. Configure the risk vector to filter by particular risk vectors.
     4. Configure the Incident Assignment to assign the incident tickets to a group/user. If opted, this should point to the users who will deal with the incidents.
     5. Configure the caller field to set the Caller field in incident tickets. This is done as caller is a mandatory field. It can just be a web-only user. All incidents will have this user as the caller.
5. As a ServiceNow Admin, navigate to the Data Import Job Schedule [Bitsight for ITSM ➔ Data Import Job Schedules] and set the import time as desired.

The first run will import Bitsight findings into the incident table. If configured, an incident for any findings will be created for resolution.

To test immediately, execute the import scripts as ServiceNow admin. This should import the findings immediately into the system.

Non-Admin users of this application need to be assigned the User (itsm_app_user) role. All such users also need to have the itil role to be able to access the incidents. This can be done either by assigning the itil role directly to the user or by editing the User role to include the itil role.