Protect4S - VM User Guide
  • Protect4S - VM User Guide
  • Introduction
    • Quick setup
    • Support
    • Protect4S VM place in SAP system landscape
  • Pre-conditions and installation
    • Supported operating system and database types
    • Software version requirements
    • Recommendations
    • Heterogeneous database connections
  • Protect4S VM Software Installation
    • Add-On Installation, import support packages and upgrade
    • Installation post-processing
  • Create Protect4S VM users and roles
    • Distribution of satellite roles
    • satellite system ABAP RFC user using wizard
    • satellite system ABAP RFC user MANUAL SETUP
    • satellite system JAVA user
    • satellite system database user
    • satellite system operating system user
    • Operating system user other than <sid>adm
    • Satellite system BusinessObjects user
  • Check and set Application settings
  • Protect4S VM Menu
  • Execute the Quick setup
    • Company
    • Systems
      • Creating an ABAP system
      • Creating a JAVA system
      • Creating a BusinessObjects BI system
      • Creating a HANA standalone system
      • Creating a SAP Web Dispatcher system
      • Creating a SAProuter system
      • Creating a SAP Cloud Connector system
      • SAPControl security settings
  • Create a project
    • New project
    • New Scan
  • Check Template
  • Contact persons and Scan subscription
    • Contact persons
    • Scan subscriptions
  • Reports
    • Scan result
    • Scan results information
    • System tab
    • Company tab
    • Scan statistics tab
    • Check overview
    • Risk history
    • Scan statistics
    • Scan export
    • Mitigation report
    • Scan comparison
    • Management overview
    • Connection map
  • Mitigation of Vulnerabilities
    • Mitigation menu
  • Check exemptions
  • SIEM Interface
  • Integration
    • Incident Management
  • Information and support
    • Welcome menu
    • Product information
    • Check information
    • Change log
    • User Guide
    • Report a software defect
    • Feature request
  • Deinstallation
  • Appendix A: Troubleshooting Satellite System connection issues
    • SAPControl connections
    • Database connection
    • JAVA connection
    • HTTPS certificate errors
  • Appendix B: Installation database libraries
    • IBM DB2
    • MSSQL
    • MaxDB
    • Oracle
    • SAP Sybase
    • SAP HANA
  • Appendix C: satellite system Communication Ports
  • Appendix D: Protect4S VM SICF Services
  • Appendix E: using a server group
  • Appendix F System context
  • Appendix G DNS resolving
  • Appendix H Dump in Scan subsciptions
  • Appendix I HTTPURLLOC table
  • Appendix J - Risk Matrix
  • Appendix K - Short dump function module "PFL_GET_SINGLE_PARAMETER" not found
  • FAQs
    • General
    • Installation
    • Configuration
    • Projects and scans
  • Contact us
Powered by GitBook
On this page
  • ServiceNow - Incident Management
  • Prerequisites
  • Create integration
  • Functionality

Was this helpful?

  1. Integration

Incident Management

Protect4S VM can be integrated with Incident Management solutions.

PreviousIntegrationNextInformation and support

Last updated 1 year ago

Was this helpful?

ServiceNow - Incident Management

Prerequisites

The technical connection to be used must be created upfront so that it can be selected later. This is done as follows:

In the Protect4S system, start transaction SM59 and create an RFC destination of type type G as in the example shown below:

  • Enter the details relevant for your ServiceNow instance (hostname, port, user and password).

  • Select the SSL client PSE to use HTTPS for the connection. Make sure to trust the ServiceNow HTTPS endpoint by adding the relevant certificate to the Certificate List of the selected PSE (transaction STRUST).

Test the connection, this should be successful:

Create integration

To set up the integration, go to Integration, Incident Management:

Click 'New' to setup a new integration:

Use the settings like shown in the example below. Select the earlier created RFC destination as Connection name:

Next, Scans can be added to the integration. Click the New button and add the scan of your choosing, like shown in the example below:

Next time the scan is run, incidents will be created for the failed checks, like shown in the example below.

Protect4S scan results:

ServiceNow incidents:

Functionality

The ServiceNow (SNow) fields are mapped with the information from Protect4S VM as follows:

ServiceNow field
Protect4S field
Explanation

Caller

-

Name value of the integration user.

Impact

Impact

The impact of the finding.

Urgency

Likelihood

Likelihood about the found risk/exploit.

Priority

-

Calculated by ServiceNow based on 'Impact' and 'Urgency'.

Short description

Check name & ID

The Name of the check plus ID is shown here.

Description

Date, time Run ID, Scan ID, System ID, SID & Check Message

Origin and details of the check.

The value mappings for Urgency - Likelihood and Impact - Impact do not completely align between Protect4S VM and ServiceNow for the values 'Very high' and 'Very low'.

The values are mapped as following:

P4S Impact
SNow Impact
P4S Likelihood
SNow Urgency

Very high

High

Very high

High

High

High

High

High

Medium

Medium

Medium

Medium

Low

Low

Low

Low

Very low

Low

Very low

Low

Incidents in ServiceNow are created based on configured Scans (see above). For each failed check of a run in a configured scan, either a new incident is created or the existing incident for the check is updated.

See the example below where the check results of additional runs are added to the ServiceNow ticket Description (separated by dash lines) in case of an update: