ServiceNow and Endpoint Privilege Management Integration

The Endpoint Privilege Management for Windows ServiceNow integration can be used with Endpoint Privilege Management for Windows version 5.3 and later. You can download the integration from the BeyondTrust Support Portal.

  • The ServiceNow integration consists of two files:
    • Log-ServiceNowIncident.ps1
    • ServiceNowSettings.json
  • The URL of your ServiceNow instance. For example, instancename.service-now.com
  • The username and password of a user that has the ServiceNow itil role. Users with the itil role can open, update, and close incidents as required.
  • A Challenge / Response message

All end users need to have a corresponding account in ServiceNow for Endpoint Privilege Management for Windows to raise the incident successfully.

In the default configuration, when a user runs an application you are targeting with the ServiceNow rule script, they are presented with the option to raise an incident in ServiceNow or cancel the request. The ticket in ServiceNow includes:

  • Caller
  • Short Description
  • Description, including the program name, program publisher, program path, Challenge Response Code, and the business justification the end user provided.

You can then action the incident in ServiceNow and supply the end user with a Challenge Response Code. The end user can then start the application and enter the Challenge Response Code to run the application.

In your Endpoint Privilege Management for Windows policy, you need to set up the following:

  • A Workstyle that targets the ServiceNow rule script
  • An Application Group that contains the applications you want to target
  • A message configured for Challenge / Response

For more information, see Configure the ServiceNow Integration.