BeyondTrust & ServiceNow

Identity Security Insights® is a cloud-nativesolution that gives your team a unified, graph-based view of every identity—human, machine, and AI—and maps every privilege escalation path across your environment. Detections flow directly into ServiceNow Security Incident Response (SIR), enriched with risk scores and recommended remediation.

• Surfaces hidden privilege escalation paths across cloud, hybrid, and on-premises environments

• Maps ServiceNow AI Agents to their tools, roles, and permissions — the first true end-to-end view of your automation layer

• Automatically creates enriched security incidents in ServiceNow SIR with attack path data and playbook recommendations

• Covers AI agents from ServiceNow, Salesforce, OpenAI, AWS Bedrock, and Google Vertex AI

• Also includes secrets sprawl inventory, cross-domain identity federation detection, FedRAMP support, and much more

BeyondTrust Endpoint Privilege Management (EPM) removes standing local admin rights from Windows and Mac endpoints, replacing them with a policy-driven model where elevated access is approved on demand—with every request routed through a full ServiceNow approval workflow.

• Webhook-based architecture: JIT requests automatically create Incidents, change Requests, or service catalog items in ServiceNow

• Approvers click Approve / Deny directly within ServiceNow—access is granted or denied with the full decision trail written to the ticket

• Supports one-time, time-limited (minutes), and up to 24-hour access grants

• Automatic ticket closure and fully customizable Flow Designer workflows

• Eliminates persistent over-privilege that attackers exploit

Password Safe® acts as the secure credential vault for both human users and ServiceNow AI agents. Through the ServiceNow Integration Hub spoke, AI agents check out privileged credentials dynamically at runtime—never holding static secrets.

• Dynamic credential checkout: every access is logged and time-bound—no static credentials stored in automation workflows

• Seamlessly request and approve access to managed accounts using ServiceNow ITSM approval flows

• Break-glass functionality and auto-approve options for time-sensitive scenarios

• Manages credentials for ServiceNow Discovery and Orchestration workloads

• Automatic credential rotation after checkout eliminates long-lived secrets

• Import and export asset data between Password Safe and ServiceNow CMDB

Gate vendor and third-party access through ServiceNow change and incident workflows. Privileged Remote Access (PRA) sessions launch directly from CMDB records, with no plain text credentials exposed— providing secure, auditable access to critical assets without leaving the ServiceNow interface.

• Open credential-free PRA sessions directly from any ServiceNow ticket type and CMDB records, including workspaces

• Access configuration items directly from a change request—no context switching required

• Full session recordings and audit logs automatically written back to the ServiceNow record

• Satisfies compliance requirements with a complete, ticket-linked audit trail for every vendor session

• Ensure ticket validation and request approval from ServiceNow before a device is accessed via the BeyondTrust PRA access console

Initiate remote support sessions directly from a ServiceNow incident or change record and improve first-call resolution rates. Session transcripts, chat logs, recordings, and system information are automatically written back to the originating ServiceNow ticket.

• Launch Remote Support sessions from any open ServiceNow ticket with a single click

• Session details, chat transcripts, and notes auto-appended to the ticket at session close

• Auto-creates and syncs ServiceNow tickets for every support session — no manual data entry

• Reduces mean time to resolution with direct access to desktops, servers, and systems from within ServiceNow