Integrating Acunetix 360 with ServiceNow Incident Management

You can integrate ServiceNow (SNOW) Incident Management with Acunetix 360 to manage issues.

Incident Management is an issue-tracking system that also helps organizations prioritize and share tasks across departments. So, you can pinpoint indicators of problems to prevent issues and predict future ones.

Supporting bi-directional integration

Acunetix 360 supports bi-directional integration with SNOW Incident Management. So, you can resolve and reopen issues according to the scan result. Also, you can create issues automatically. Acunetix 360 uses user-provided resolved and reopened statuses in ServiceNow Incident Management for this purpose.

This topic explains how to integrate Acunetix 360 with ServiceNow Incident Management.

For further information, see What Systems Does Acunetix 360 Integrate With?.

ServiceNow Incident Management fields

This table lists and explains the ServiceNow fields on the New ServiceNow Incident Management Integration page.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown elsewhere.

URL

This is the ServiceNow Incident Management instance URL.

Username

This is the name of the user.

Password

This is the password that is used for the ServiceNow Incident Management account.

Title Format

This is the string format that is used to create the vulnerability title.

Template

This is the type of issue description template. There are two template types for issue templates: Standard and Detailed.

The Detailed template has additional fields such as Request and Response. So, you can view them in the Activity field on ServiceNow.

Integrating Acunetix 360 with the Incident Management

There are two steps to this integration:

  1. Setting up the connection with the Incident Management
  2. Configuring project details for integration
Step 1. How to integrate Acunetix 360 with the ServiceNow Incident Management
  1. Log in to Acunetix 360.
  2. From the main menu, select Integrations > New Integration.

  1. From the Issue Tracking Systems section, select ServiceNow Incident Management.

  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
  1. URL (ServiceNow Server)
  2. ServiceNow Username
  3. ServiceNow Password
  1. Select Load ServiceNow Details.

If successful, Acunetix 360 displays your project details to continue configuring your integration. Otherwise, Acunetix 360 displays an error message.

Step 2. How to configure your SNOW Incident Management instance with Acunetix 360

Tips

The Incident Configuration fields vary based on your configuration of the SNOW Incident Management.

  1. From the Incident Configuration section, enter the Title Format.
  2. From the Template section, choose a template type. (Based on the template selection, you can view Response and Request information in the Activity field on ServiceNow.)

  1. Configure the rest of the fields according to your configuration.
  2. From the Field Mappings section, select + Add Mapping.
  3. Next to the Invicti Severity drop-down, select the Invicti Value drop-down.
  4. From the Select Field drop-down, select an option. When selected, a drop-down appears. Select an option.

Tips

The Field Mappings have priority over the Optional Fields. For example, if you configure the Priority in the Optional Fields and the Field Mappings, Acunetix 360 will prioritize the configuration in the Field Mappings.

  1. Select Save.

Acunetix 360 saves your integration.

Creating a sample issue to test integration
  1. From the main menu, select Integrations > Manage Integrations.
  2. From the Manage Integrations page, next to the relevant SNOW integration, select Edit.
  3. Select Create Sample Issue.

Acunetix 360 exports a sample issue to SNOW Incident Management to test the integration. If successful, the following ticket is opened in the Incident Management:

How to edit the Incident Management integration
  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant SNOW Incident Management integration, select Edit.
  3. Make the necessary changes, and select Save.
How to delete the Incident Management integration
  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant Incident Management integration, select Delete.
  3. From the Delete Integration pop-up, select Delete.
How to clone the Incident Management integration

Tips

You can clone your integration to create as many incident management integrations as you need. However, due to security precautions, passwords cannot be cloned.

  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant Incident Management integration, select Clone.
  3. Make the necessary changes, and select Save.

Exporting issues to SNOW Incident Management

There are several ways to send issues to SNOW Incident Management with Acunetix 360:

How to export reported issues to projects in the Incident Management
  1. From the main menu, select Issues > All Issues.
  2. On the Issues page, select one or more issues you want to send.
  3. Select Send To > ServiceNow Incident Management.

A pop-up is displayed, with a link to the issue you have sent to the SNOW Incident Management. If there is an error, this information will be displayed instead.

  • You can send an issue from the Recent Scans page:
  1. From the main menu, select Scans > Recent Scans.
  2. Next to the relevant scan, select Report.
  3. Scroll down to the Technical Report section.
  4. From the list of detected issues, select an issue and display its details.

  1. Select Send To > ServiceNow Incident Management.

If you have already previously submitted this vulnerability to SNOW Incident Management, it will already be accessible. You cannot submit the same issue twice.

Registering webhook for bi-directional integration

To enhance issue synchronization support, Acunetix 360 also offers webhook support. This enables you to detect any status changes in ServiceNow Incident Management issues opened by Acunetix 360.

  • Acunetix 360 generates a Webhook URL after you save your integration settings. When you register this link as a webhook in your ServiceNow Incident Management project and enter your preferred Resolved and Reopen statuses, you will complete Acunetix 360 issue synchronization for your integration.
  • When you change your ServiceNow Incident Management issue’s status to your preferred Resolved status, the issue is automatically marked as Fixed (Unconfirmed) in Acunetix 360, and a retest scan is started. If you select the After retesting, change the status of fixed vulnerabilities to Closed checkbox, and the issue will be closed.
  • When you change your ServiceNow Incident Management issue’s status to your preferred Reopened status, your corresponding Acunetix 360 issue is automatically marked as revived.

Prerequisite

There are 3 steps to configure the bi-directional integration between Acunetix 360 and ServiceNow Incident Management.

  1. Configure notification for bi-directional integration
  2. Copy the webhook URL
  3. Configure the ServiceNow instance

Step 1. Configuring notification for bi-directional integration

  1. Log in to Acunetix 360.
  2. Select Notifications > Manage Notifications.
  3. Next to the Scan Completed event, select Edit.
  4. From the Integration Endpoints field, select ServiceNow Incident Management.
  5. Select Save.

Step 2. Copying the webhook URL

  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant ServiceNow Incident Management Integration, select Edit.
  3. Scroll down to the Webhook Settings section.
  4. In the Webhook URL field, select Copy to clipboard ().

Information

Resolved Status is a ServiceNow Incident Management incident status to match when the webhook script has been added. They must be the same.

Step 3. Configuring ServiceNow Incident Management for bi-directional integration

  1. Open ServiceNow.
  2. In the Filter Navigation textbox search for 'business rules'.

  1. Under System Definition, select Business Rules.
  2. From the Business Rules page, select New.
  3. Select Table, then Incident [incident].

  1. Select the Advanced checkbox.
  2. In the When to Run tab, from the When drop-down, select after.
  3. Enable the Update checkbox.

  1. Select the Advanced tab.
  2. Modify the following script and fill in the script condition as illustrated:

Condition: current.incident_state.changesTo(6)

6 = Resolved

7 = Closed

Information

Note that the Resolved status in the ServiceNow Incident Management integration must be matched with the script condition.


Script:

(function executeRule(current, previous /*null when async*/) {

    /*

     * Incident states

     * Resolved = 6

     * Closed = 7

     *

     * condition for sending incident

     * for resolved incidents use this

     * current.incident_state.changesTo(6)

     *

     * for closed incident use this:

     * current.incident_state.changesTo(7)

     */

   

    // change endpoint variable with your webhook url in servicenow integration

    // navigate to servicenow integration https://online.acunetix360.com/integrations/integrations/

    // paste your webhook url in the endpoint variable. It's a link similar to this: https://online.acunetix360.com/integrations/serviceNowWebhook?key=XXX&identifier=XXX

    var endpoint = ‘PASTE YOUR SERVICENOW WEBHOOK HERE’;

   

    gs.info("Incident close code = " + current.close_code);

    gs.info("Incident number = " + current.number + " and id = " + current.sys_id + " will be sent.");

    //add current incident number to endpoint query

    endpoint = endpoint + "&caseNumber=" + current.sys_id;

    try {

        var request = new sn_ws.RESTMessageV2();

        request.setHttpMethod('post');

        request.setEndpoint(endpoint);

        request.setRequestBody("{}");

        var response = request.executeAsync();

        response.waitForResponse(60);

        var httpResponseStatus = response.getStatusCode();

        gs.info("http response status_code: " + httpResponseStatus);

    } catch (ex) {

        var message = ex.getMessage();

        gs.info(message);

    }

})(current, previous);

  1. Select Submit.

Following these steps, Acunetix 360 exports issues identified to ServiceNow Incident Management.

[Tutorial] Using bi-directional integration in Acunetix 360

The following tutorial walks you through steps to export issues identified by Acunetix 360 to ServiceNow Incident Management.

How to use bi-directional integration in Acunetix 360
  1. Log in to Acunetix 360.
  2. From the main menu, select Scans > New Scan.
  3. Configure your scan. For further information, see Creating a new scan.
  4. From the Scan Settings, select Notifications to make sure that the Scan Completed event has an integration endpoint.

  1. Launch the scan and wait for the scan completion.
  2. Navigate to ServiceNow and go to the Incidents page.

Tips

No issues? Check the filter on the Incident page. It should be set to All.

  1. Update the issue to a Resolved or Closed state which was chosen earlier.
  2. Go to Acunetix 360.
  3. From the main menu, select Issues > Waiting for Retest to see your issue(s).

After the retest starts, if the issue is retested correctly and if the vulnerability exists, it will be reopened by the system. If the vulnerability is fixed, no action will be taken.

 

« Back to the Acunetix Support Page