Cloud Security Customer Resources - Security

Cloud Security Customer Resources Cloud Security Customer Resources Your comprehensive guide to ServiceNow security documentation, compliance tools, and best practices.

Getting Started Named security contact The named security contact is your primary point of contact with the ServiceNow Security Organization (SSO). It’s important that this information is always up to date.

Security contact instructions g Shared Responsibility Model Security is a partnership between ServiceNow and the customer, both with specific responsibilities. Use this model to see which party is responsible for implementing security features and controls.

View model g ServiceNow Security Center (SSC) Scan your instance(s) against 200+ security checks, monitor for suspicious activity, track your security compliance score, and ensure it is up to date with the latest family release.

SSC Quick Start Guide g Learn and Implement Security Best Practices Guide (BPG) Explore essential guidance on authentication, access controls, encryption, logging, incident response, and more for your ServiceNow instance(s). Be sure to review the BPG with your security team.

Get the BPG g ServiceNow security videos Video collection with a security overview, use cases, ServiceNow Security Center (SSC), security products, compliance, and security best practices .

Watch security videos g Cloud Security white papers & guides White papers, knowledge articles, guides, and resources related to security and privacy of customer data on the ServiceNow AI Platform.

Browse collateral g Security knowledge base (KB) Articles on penetration testing, security advisories, GSSC, common vulnerabilities and exposures, security compliance, and more. Sign in required for full access.

Search the KB g Compliance and Trust ServiceNow Trust Site Learn about the ServiceNow commitment to compliance, security, and privacy. Includes industry solutions and GDPR information.

Visit the Trust site g CORE Compliance Portal Directory The ServiceNow CORE Compliance Portal provides customers with information to address regulatory questions, including those arising from internal audits, vendor assessments, FDA regulations, ISO standards, and SOC requirements.

How to access CORE g Security Operations Security advisories Learn more about the ServiceNow security posture for specific events and common vulnerabilities and exposures. Individuals without a ServiceNow Support account, visit the public Customer Security Portal Advisories .

View advisories g Customer Penetration Testing Process Overview Customers may perform one pen test per year on their instance. Pre-approval required; findings must be shared with ServiceNow.

Pen test process overview g Report security incidents Report security incidents, concerns, and findings via ServiceNow Support. Learn the difference between findings, vulnerabilities, etc.

Report incident g