Note: This integration is only available for Enterprise programs.
This integration enables organizations to automatically sync security vulnerabilities discovered and reported in HackerOne with ServiceNow Vulnerability Response (VR) or Application Vulnerability Response (AVR). This one-way integration from HackerOne to ServiceNow ensures that vulnerability data flows into your ServiceNow instance for centralized tracking, triage, and remediation.
Creating a Vulnerable Item
You can create new vulnerable items for reports you receive on HackerOne. To create a new vulnerable item from your HackerOne report:
Go to the HackerOne report in your inbox that you want to create a new vulnerable item for.
Click on References.
βSelect the integration you want the report to escalate to in the dropdown and click Create.
β
Customizability
This integration utilizes a Scripted REST API in ServiceNow to process incoming vulnerability data from HackerOne. The provided script serves as a template with sensible default configurations, ensuring basic functionality out of the box. You can also customize and expand the script to meet specific business requirements, such as but not limited to:
Enriching vulnerability data with additional ServiceNow fields.
Implementing custom workflows or validation logic.
Mapping additional fields beyond the default configuration.
Assigning a default user or group.
Installing the Integration
Please follow one of the following setup guides to set up the integration: