ServiceNow Ticketing System Integration with CyberArk PAM (Coming soon ...)
The purpose of integrating CyberArk PVWA (Privileged Vault Web Access) with the ServiceNow Ticketing System is to enforce secure and auditable access to privileged accounts by validating that a legitimate and approved change or incident ticket exists before granting access.
- All privileged access is tied to authorized business activity (via a ServiceNow ticket).
- Access is granted only when a valid, open, and approved ServiceNow ticket exists.
- Organizations meet compliance, audit, and regulatory requirements.
- Unauthorized or ad-hoc access to sensitive accounts is prevented.
- Integration supports Just-In-Time (JIT) access models and enhances accountability.
Phase 1: ServiceNow Configuration
- Dev Tenant Registration
- Service Account Creation
- Users & Groups Creation and Management
- INC and CHG Creation and Management
Phase 2: CyberArk Configuration
- Onboard the ServiceNow accounts (local under Application | domain user under Domain platform).
- Enable ServiceNow and configure it on PVWA.
How To BYPASS the Ticket
Note: CyberArk should support only INC and CHG items.
Useful Information:
Ticket types with table names
- INC – Incident Ticket
- INTSK – Incident Task
- RITM – Service Catalog Request
- TASK – Catalog Task
- CHG – Change Request
- CTASK – Change Task
- PRB – Problem Ticket
- PTASK – Problem Task
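The ticket gate described above (access only for a valid, open, approved ticket, and only INC or CHG types), sketched as an added example; this is not CyberArk's or ServiceNow's code. Assumptions: the table names are the default ServiceNow tables for each prefix, ticket numbers are a prefix plus at least seven digits, and the `records` dict with its `active` and `approval` fields is a hypothetical stand-in for a ServiceNow lookup.

```python
import re

# Ticket number prefixes from the list above, mapped to the default ServiceNow
# table for each type (assumption: the page does not give the table names).
PREFIX_TABLE = {
    "INC": "incident", "INTSK": "incident_task",
    "RITM": "sc_req_item", "TASK": "sc_task",
    "CHG": "change_request", "CTASK": "change_task",
    "PRB": "problem", "PTASK": "problem_task",
}
SUPPORTED = {"INC", "CHG"}  # per the note: only INC and CHG items
TICKET_RE = re.compile(r"^([A-Z]+)(\d{7,})$")  # assumed numbering format

def classify(ticket_id):
    """Return (prefix, table) for a ticket number, or None if malformed/unknown."""
    m = TICKET_RE.match(ticket_id.strip().upper())
    if not m or m.group(1) not in PREFIX_TABLE:
        return None
    return m.group(1), PREFIX_TABLE[m.group(1)]

def check_ticket(ticket_id, records):
    """Decide whether a ticket justifies privileged access: (allowed, reason).

    `records` is a hypothetical dict of ticket number -> {"active": bool,
    "approval": str}, standing in for a lookup against ServiceNow.
    """
    kind = classify(ticket_id)
    if kind is None:
        return False, "malformed or unknown ticket number"
    prefix, table = kind
    if prefix not in SUPPORTED:
        return False, f"{prefix} ({table}) is not a supported ticket type"
    rec = records.get(ticket_id.strip().upper())
    if rec is None:
        return False, "ticket does not exist"
    if not rec["active"]:
        return False, "ticket is not open"
    # Assumption: only change requests carry an approval step in this sketch.
    if prefix == "CHG" and rec["approval"] != "approved":
        return False, "change request is not approved"
    return True, f"valid {table} ticket"

# Constructed sample records, not real tickets.
SAMPLE = {
    "INC0010001": {"active": True, "approval": "not requested"},
    "CHG0030002": {"active": True, "approval": "requested"},
    "CHG0030003": {"active": True, "approval": "approved"},
    "CHG0030004": {"active": False, "approval": "approved"},
}
```

Returning a reason with every denial gives the audit trail a specific cause for each rejected request rather than a bare failure.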