ServiceNow Integration

Published: 08 March 2017

Andy Harris ServiceNow Integration

By Andy Harris


PxM coming together with ServiceNow integration

Here's the video showing the integration between Osirium and ServiceNow. We've created a plug-in policy module for Osirium's profiles which, when enabled, enforces a valid CMDB ticket requirement for every task or SSO session.

Privileged Access Management taken - one step higher

ServiceNow is a CMDB (Change Management Database) product that manages the workflow of why SysAdmins and DevOps will access systems, Osirium manages the who, how and when of SSO and task Automation. ServiceNow implements unique IDs for each ticket, whether it be change or incident based. The API allows Osirium to find these tickets and query their status for use in policy flow.

Here you'll see both the reason and the authentication for connecting to a system brought together through logical automation

Osirium not only checks the ticket, it logs its use internally and generates a CEF formatted syslog message

Attackers now need so much MORE just to gain access to your systems:

  • The Privileged Credentials - these are long, strong, properly random and regularly changed. Furthermore they never enter the users workstation environment, they are never displayed, they can't be intercepted or phished from your users.
  • Even if an attacker could remotely control your SysAdmin or DevOps systems they'd need to know a valid CMDB (Change Management Database) ticket to get any further.
  • Insider wrong doing is deterred by the sheer level of accountability in Osirium: Users can't share credentials, Osirium enforces a 'One Instance Only' for user identities, PSM (Privileged Session Recording) can record all the user's actions on Systems, Devices and Applications.

Emergency Ticket Support - Accountability without impeding remediations

Many sites have an emergency ticket that is always open. This is for the occaisonal situation where systems need to be fixed and the paperwork done later. Osirium supports this ticket type with full accountability and logging.

Release Date: 
Wednesday, 8 March 2017
Article Type: 
Blog Post