ServiceNow Integration #10239
Description
Feature search
- I have searched the existing issues and this feature has not been requested yet or is already in our Public Roadmap
Which component would this feature affect?
New component/Integration
Related to specific cloud provider?
Not provider-specific
New feature motivation
I noticed Prowler provided Jira as an integration option, I feel providing ServiceNow integration to allow security guy to create ServiceNow ticket make more sense. And if you can provide Jira as an integration tool, then ServiceNow should not be a problem.
Prowler is security tool, and in a lot of situation, they would like to open a ticket to certain team or individual.
Solution Proposed
In the latest version, ie, v5.18.3, I can find in particular finding, it manage option includes "Send to Jira" and "Mute finding", why not adding another one "Open ServiceNow ticket".
Use case and benefits
We have a lot of findings, and hard to solve them quickly. In an organization which rely on ticket system, it is better to allow wrapping the findings and send them to be ServiceNow tickets, so that later on those findings can be tracked, fixed and finally disappear.
Describe alternatives you've considered
I think you can basically simulate how Jira integration solution be done and create a similar one for ServiceNow integration with below information:
- wrap up the full findings information, which will include findings, severity, resources, related account and regions, the suggest the remediation method, etc.
- send to ServiceNow API with team or individual and their emails.
Additional context
I have not test or know much about the current Jira integration, but I feel to add multiple other integration should not be a big deal, and I would suggest to write a frame work for integration to other tools, such as Pager Duty, future SOAR tool, etc.