ServiceNow Integration

Using our ServiceNow integration, you now have a way to streamline your remediation workflow and ensure that you’re able to close the vulnerabilities that Kenna prioritizes for you.  No need to build a new step in your vulnerability management workflow; Kenna fits right into your existing processes. Take advantage of Kenna’s powerful prioritization and reporting platform in tandem with the ticketing system already used by your organization.  

Data Flow – Kenna & ServiceNow

Data flow between Kenna and ServiceNow requires the configuration of the ServiceNow Connector in Kenna.  Information required to configure the connector includes Username, Password, and ServiceNow host information.  The diagram below shows the Kenna ServiceNow connector configuration dialog.

When first setting up and testing the ServiceNow Connector, it is recommended that customers use the default template.  The ServiceNow user should have read/write access to the Incidents table and the ITIL role or equivalent is recommended. After entering the Username, Password and Host information, click Save And Verify to save the connector.

Data flow between Kenna and ServiceNow is bi-directional.  Tickets are populated with asset, vulnerability, and fix information from Kenna.  A nightly data sync will update service ticket status within Kenna.

Create a ServiceNow ticket in Kenna to either address a vulnerability or apply a fix directly in Kenna.  Select the checkbox to the right of the item, and the Create ServiceNow Incident button will appear next to the tabs within explorer view.

ServiceNow Incidents can also be created for any Top Fix group using the same button which will appear after your connector is created. The ServiceNow ticket will be created for the Top Fix Group which is currently shown on the screen and each group may contain up to 3 fixes, all of which will included in the ServiceNow Incident.

The ServiceNow dialog will show a standard set of fields with choice values loaded from your specific ServiceNow instance. Users can select data for any of the fields. Short Description and Description are pre-populated with the appropriate vulnerability or fix data.

Once the ticket has been created in ServiceNow a notification bar will appear at the top of the page with the incident number which is a link to the new ticket in ServiceNow.

ServiceNow ticket data is fully accessible from with Kenna. Ticket status is maintained within Kenna, updated on the nightly basis. and can be used as filter criteria from the right hand search pane in the explorer view.

Whether the ServiceNow ticket creation is initiated from Vulnerabilities, Fix or Fix Groups, incident metadata becomes specifically tied to the associated vulnerabilities.  Visually that is displayed in Kenna in multiple ways.  First, any vulnerability with an associated ticket will show an orange “pill” on the Vulnerabilities tab.

The specific ServiceNow Incident number is displayed on the Vulnerability Details page for the vulnerability – choose the blue carat to see the details on a vulnerability from the Vulnerabilities tab.

Incident details are at the bottom right hand side of the vulnerability detail page. When you click the link to  “View Incident”, you will directed to the Incident Ticket in your ServiceNow instance.

Status changes of Open/Closed/Deleted made to a ticket in ServiceNow as part of the remediation workflow are synced back to Kenna, however, any vulnerabilities associated with the ticket will not be marked as closed until data is retrieved from the scanning platform confirming the vulnerability is fixed.

Advanced Options/Custom Templates

To ensure efficient and effective integration of Kenna into your existing operational process, custom templates can be developed and used within the Kenna environment. Kenna integration is built on the default Incidents table in ServiceNow and the default fields included in a ServiceNow ticket created from Kenna currently cannot be changed.

• Category          • Caller

• Subcategory     • Assignment Group

• Impact             • Assign To

• Urgency           • Short Description

• Priority             • Description

Kenna will connect to ServiceNow to retrieve the display values for each of these fields. The “Choices” displayed for each field will be retrieved from the Incident table first and then from the Tasks table if choices are not defined on the Incidents table. Changes to the choices should be made in the Tables section of ServiceNow.

When the default template is used, Kenna will pull the list of available choices for each of the listed fields and display them in the form presented to the Kenna user. Custom templates allow for preselected values to be set for Kenna created tickets, saving users the time of having to find and select values for each of the fields.

NOTE: Short Description and Description fields should NOT be included on custom templates as it will interfere with Kenna’s ability to save the appropriate vulnerability and fix data to those fields.

Example: If 90% of your tickets will have the same Category, Subcategory and Assignment Group, you can create a custom template which will prevent users from having to select those values every time they enter a ticket.

 

The form that displays in Kenna based on the above template will display “ServiceNow Template Preset” text for each of the fields where the user is not required to make a selection however, the full list of choices is available should the user need to made a non-standard selection.

Additional fields can be added to the custom template but they will not be displayed to users as selectable fields, instead will be listed as “Additional Preset Fields” at the bottom of the form for information purposes only.

Additional Assistance

Troubleshooting Tips:

  1. If fields on your template never change from the status “Loading…”, try adding choice values specifically on the Incident table in addition to the definition on the Tasks table
  2. Template cache is refreshed hourly, during iterative testing of templates you will need to delete and re-add the ServiceNow Connector if you want to see template changes immediately. No ticket data will be removed from vulnerabilities in spite of any warnings suggesting otherwise.

Please contact Kenna Support should you require any additional assistance with the ServiceNow Connector.

 

Powered by Zendesk