How to set up ServiceNow Vendor Risk integration with UpGuard

Learn how to install and set up the UpGuard Cyber Risk application and integrate it with your ServiceNow Vendor Risk solution

Written by Kurt Brown

 

Connecting UpGuard to your ServiceNow Vendor Risk solution lets you get the security scores, risks, and associated details directly into your ServiceNow third-party records. This allows others in your organization who need access to UpGuard to monitor a Vendor's overall security posture.

The app synchronizes the vendors between systems, imports scores, and risk-related data, and creates alerts within ServiceNow if scores drop or change outside defined thresholds.

You’ll first need to install the UpGuard CyberRisk application into your ServiceNow solution. Once done, you'll create an API Key to allow data exchange between the platforms. Then, you'll customize the settings of the ServiceNow application (such as score change threshold, minimum score settings, and auto-monitoring flag). Let’s run through an example.

Installing the UpGuard CyberRisk application.

  1. Navigate to the ServiceNow marketplace and search for UpGuard Cyber Risk (or use this URL

  2. Follow the prompts to install the application. You may need to ask your ServiceNow administrator to do this step if you don't have permission.

Create an UpGuard API key for the CyberRisk application.

  1. UpGuard recommends you create an API key specifically for this application.

  2. See the article here for more details on how to create an API key.

    Screencapture of the API key settings page with the key name, key string, and date redacted.

Configure the UpGuard CyberRisk application in ServiceNow.

  1. From the main menu, search for the UpGuard CyberRisk Application

  2. Select the UpGuard CyberRisk Settings link.

  3. Enter the API key you established above.

  4. Select the AutoMonitor option.

    1. Select Yes if you wish to monitor every Vendor listed within ServiceNow.

    2. Select No if you wish to flag individual Vendors for monitoring.

  5. Select the VendorRisk Report option (generates and attaches a PDF to the Vendor Record on the initial synchronization between ServiceNow and UpGuard).

    1. Select None to disable this functionality.

    2. Select Summary to run the "Vendor Summary Report".

    3. Select Details to run the "Vendor Details Report".

  6. If desired, change the Score Drop Delta value. This will configure the creation of Vendor Risk Assessment Issues within the ServiceNow platform based on changes in the score greater than or equal to this value. UpGuard recommends a default value of 10.

  7. If desired, change the Minimum Score threshold. This will configure the creation of Vendor Risk Assessment Issues within the ServiceNow platform if a Vendor is found with a score below this threshold. UpGuard recommends a default value of 600.

  8. If desired, change the Debug flag. This controls the level of application events written to the ServiceNow Application logs.

Now that your ServiceNow account is connected, the system is ready to synchronize data between ServiceNow and UpGuard. This occurs on a trigger and runs on a cycle of every 8 hours.

View the UpGuard Overview in ServiceNow.

  1. From the main menu, search for the UpGuard CyberRisk Application

  2. Select the UpGuard CyberRisk Homepage link

  3. There are four views of your Vendor security overview

    1. Portfolio Ratings - Displays Vendors grouped by their letter rating.

    2. High-Risk Vendors - Displays Vendors with a D or F security grading.

    3. Vendors with Mismatched Websites - Displays Vendor records with differences between the website recorded in ServiceNow and the Primary Host Name within UpGuard.

    4. Vendors without WebSites - Displays Vendors in ServiceNow with no value in the website attribute.

View UpGuard details in ServiceNow.

  1. From the main menu, search for the All Third Parties link

  2. Change the "View" to Vendor Risk inside this view.

  3. Open a vendor with a registered website that is a monitored vendor within UpGuard.

  4. Select the UpGuard Summary tab to see basic vendor details.

    1. URL - a hyperlink to view this Vendor within the UpGuard platform

    2. Industry - the industry sector and group defined within UpGuard.

    3. Tier - the tier allocated to this Vendor within UpGuard.

    4. Labels - a comma-separated list of labels applied to this Vendor within UpGuard.

    5. Automated Scanning Summary - a count of the domains continuously monitored within the UpGuard platform for this Vendor.

  5. Select the UpGuard Score Breakdown to see the current score, count of risks, the breakdown of risk count and score by category, and a comparison to the Industry average (only applicable if the vendor is assigned to an Industry within UpGuard).

  6. Select the UpGuard Score Trend to view the change in score over time.

    1. Newly mapped vendors will be updated with the score today, one month ago, three months ago, and twelve months ago.

    2. Subsequent changes in score will be tracked as the score changes.

View UpGuard Scores in ServiceNow

  1. UpGuard is registered as a third-party security score provider in ServiceNow. To see the scores for a vendor from the main menu, search for the All Third Parties link

  2. Change the "View" to Vendor Risk inside this view.

  3. Open a vendor with a registered website that is a monitored vendor within UpGuard.

  4. Select the Risk Intelligence scores tab

View Issues for Scores outside predefined thresholds.

  1. UpGuard optionally creates Vendor Risk Assessment Issues ServiceNow when the score drops by more than a predefined delta or when the score drops below a minimum threshold. To see the issues for a vendor from the main menu, search for the All Third Parties link.

  2. Change the "View" to Vendor Risk inside this view.

  3. Open a vendor with a registered website that is a monitored vendor within UpGuard.

  4. Select the Issues tab.