You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HackerOne offers a bi-directional ServiceNow integration that enables you to synchronize your HackerOne reports to ServiceNow incidents and vice versa, from ServiceNow to HackerOne. This integration enables your development and security teams to stay aligned as it also contributes to a better workflow of remediating security vulnerabilities by minimizing the manual back and forth between ServiceNow and HackerOne.
7
+
HackerOne offers a bi-directional ServiceNow integration that enables you to synchronize your HackerOne reports to ServiceNow and vice versa, from ServiceNow to HackerOne. This integration enables your development and security teams to stay aligned as it also contributes to a better workflow of remediating security vulnerabilities by minimizing the manual back and forth between ServiceNow and HackerOne.
8
+
9
+
You can use this integration with different ServiceNow tables. The guide below uses the `incident` table that's used in the ServiceNow's [Incident Management](https://docs.servicenow.com/bundle/quebec-it-service-management/page/product/incident-management/concept/c_IncidentManagement.html) product. IF you're using the ServiceNow's [Security Incident Response](https://docs.servicenow.com/bundle/quebec-security-management/page/product/security-incident-response/reference/sir-landing-page.html) product, you can use the following table name: `sn_si_incident`. Alternatively, we support custom tables as well for full flexibility.
8
10
9
11
> **Note:** This integration is only available to Enterprise programs.
10
12
@@ -87,6 +89,7 @@ HTTP Method | POST
87
89
function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
88
90
// Retrieve the incident with the passed in sys_id
89
91
var sys_id = request.body.data.sys_id;
92
+
// Create a new record for the table you want to use (in our example `incident`)
90
93
var incident = new GlideRecord('incident');
91
94
incident.get(sys_id);
92
95
// Add comment to incident item
@@ -146,21 +149,27 @@ Field | Details
146
149
ServiceNow Instance URL | Enter the full URL to your ServiceNow instance, for example it could be: https://my-instance.service-now.com/
147
150
Client ID & Client secret | Enter the `Client ID` and `Client secret` from step 4 in [Configure OAuth](#configure-oauth)
148
151
149
-
5.Configure data mapping from HackerOne reports to ServiceNow incidents. This uses the API of both systems to retrieve fields that are allowed to be used for these objects. For example, you could map the HackerOne report title to the ServiceNow incident short description.
152
+
5.Provide the name of the escalation table. By default, the integration uses the ServiceNow `incident` table. If you want to use a a different or a custom table, please enter the table in the field below. If you prefer to use Security Incidents instead, you can use the following table name: `sn_si_incident`.
150
153
151
-
154
+
152
155
153
156
6. Click **Next**.
154
157
155
-
7. Enter your ServiceNow New Comment endpoint that was configured earlier in the **ServiceNow “Add Comment” endpoint** field. This should be a combination of the URL to your instance and the Resource Path found in the Scripted REST API object in ServiceNow.
158
+
7. Configure data mapping from HackerOne reports to ServiceNow incidents. This uses the API of both systems to retrieve fields that are allowed to be used for these objects. For example, you could map the HackerOne report title to the ServiceNow incident short description.
159
+
160
+
161
+
162
+
8. Click **Next**.
163
+
164
+
9. Enter your ServiceNow New Comment endpoint that was configured earlier in the **ServiceNow “Add Comment” endpoint** field. This should be a combination of the URL to your instance and the Resource Path found in the Scripted REST API object in ServiceNow.
156
165
157
166
158
167
159
168
160
169
161
-
8. Click **Next**.
162
-
9. Copy the public listener URL in the configuration wizard.
163
-
10. Click **Enable** to enable the integration.
170
+
10. Click **Next**.
171
+
11. Copy the public listener URL in the configuration wizard.
172
+
12. Click **Enable** to enable the integration.
164
173
165
174
166
175
@@ -226,7 +235,7 @@ Name | Add Comment
226
235
Table | Journal Entry [sys\_journal\_field]
227
236
Advanced | Make sure the box is checked
228
237
229
-
14. Enter these values for these fields on the **When to run** tab:
238
+
14. Enter these values for these fields on the **When to run** tab. In this example, we use the `incident` table, if you use a different escalation table use that name here instead of `incident`.
8. Navigate to **System Definition > Business Rules**.
296
305
9. Click **New** to create a new business rule.
297
-
10. Enter these values for these fields on the **When to run** tab:
306
+
10. Enter these values for these fields on the **When to run** tab. In this example, we use the `incident` table, if you use a different escalation table use that name here instead of `incident`.:
0 commit comments