• IBM Guardium version 12.x, 11.5 + Patch 525, or 11.4 + Patch 441 (available in August 2022).
  • Patch v11.4-460 (or greater) adds ability to query the Central Manager for version information.
  • Patch v11.5-525 (or greater) contains several performance fixes.
• IBM Guardium "service" user with Guardium vulnerability-access role (or Guardium admin role) so that the ServiceNow app can use the Guardium REST-API to import data
• (Optional) Apply vulnerability-access role to all existing Guardium data sources to permit the ServiceNow app the ability to update and delete existing data sources which result from changes to ServiceNow CMDB

• Tested on ServiceNow releases: Rome, San Diego, Tokyo, Utah, Vancouver, Washington
• ServiceNow Vulnerability Response module
• (Optional) ServiceNow Vulnerability Response Integration with NVD module
• (Optional) ServiceNow Configuration Compliance module

• ServiceNow Products > Security Operations > Vulnerability Response
• Manage
• Install/Update All (4)

• ServiceNow Products > Security Operations > Configuration Compliance
• Manage
• Install/Update All (4)

Pre-req: Personal access token for Github. If you don't have one, follow the instructions https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token to create one (no elevated permissions needed for the token).

1. Obtain a developer instance for ServiceNow following the instructions from https://developer.servicenow.com/dev.do#!/guides/paris/now-platform/pdi-guide/obtaining-a-pdi (this requires a ServiceNow account which can be created as part of the steps - just sign up for a new account). Note: development instances go into hibernation when not used and are decommissioned if not used for 10 days.
2. Log on to the development instance.
3. Search for Credentials.
4. Select Credentials under Connections & Credentials.
5. Select Basic Authentication.
6. Enter any name
7. Provide your login email address for Github
8. Password is your personal access token.
9. Click Submit.
10. In the Search field, type in Studio. Select Studio under System Applications. This will open the Application Studio in a new tab.
11. In the Select Application dialog, click Import from Source Control.
12. Enter https://github.com/IBM/ServiceNow-Guardium-Vulnerability-Assessment.git as repository
13. Don't use the main branch. Use another branch so you can create a Pull Request to merge to main
14. In the Credential drop-down, select the entry with the credentials that were created in the previous steps.
15. Click Import to import the source code.

• Navigate to All > System Applications > My Company's Applications
• Click the In Development tab
• Open the application record, for example, IBM Guardium Data Protection

• Click the Publish to Update Set related link

• Fill in version information
• Click Publish
• Go to Local Update Sets
• Open the record
• Click Export to XML

• Download file locally
• Rename to something more relevant like: ServiceNow-Guardium-App-Beta-15.xml
• Upload xml file to the XML Update Set in GitHub

Link to app in app store: https://store.servicenow.com/sn_appstore_store.do#!/store/application/632a6d81db102010253148703996197e/1.0.0

1. Need access to vendor instance https://venXXXXX.service-now.com/. Can only upload apps to the store from vendor instance (function is disabled from dev instances).
2. Need credentials for HI portal: https://hi.service-now.com/. Required to access TPP portal for published apps: https://tpp.servicenow.com/sn_appstore_store.do#!/tpp/program

Technology Partner Technology Resources: https://community.servicenow.com/community?id=community_blog&sys_id=546e2eaddbd0dbc01dcaf3231f9619ee&view_source=publisherportal
Publish portal: https://tpp.servicenow.com/sn_appstore_store.do#!/tpp/program

1. Import or edit the app similar into the vendor instance, similar to steps explained in section 1.
2. After making the required changes and testing the changes locally, go to File | Publish
3. In the dialog, select "ServiceNow Store", set a new version (Note that this is just the development version, it won't change the app version. But every publish needs to be a different development version.). At the bottom, fill in your HI credentials.
4. Go to TPP publish page: https://tpp.servicenow.com/sn_appstore_store.do#!/tpp/program and log on with HI credentials: The HI publish portal gives accesss to all apps that are published from the vendor instance.
5. Go to the Certify tab and filter by Published stated. This will show the IBM app published:
6. When a new version is being published, the app will also show up in the In-Process state.
   The publish process contained two separate review processes:
   App review: Review of app code, including demo of the functionality
   Listing review: Review of listing of app in app store. You can work with OM to fill out this information.

• Navigate to: My Company Applications, open the app, then delete
• Navigate to: sys_repo_config.list, select the repository record, then delete

Project License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.