1. Introduction
The ServiceNow integration with the Cye Exposure Management Platform streamlines collaboration by keeping incidents and findings perfectly in sync.
Whenever the Cye Exposure Management Platform detects a new finding or a change in a remediation asset, it automatically sends a notification to ServiceNow. A ServiceNow incident is then created for each event — no manual work needed.
The integration also works the other way around: updates in ServiceNow flow back into the Cye Exposure Management Platform. For example, if you change a ServiceNow ticket's status to Fixed, the corresponding finding in the Cye Exposure Management Platform is automatically updated to Fixed as well.
2. Prerequisites
Create a Cye platform Access Token for ServiceNow to authenticate to the Cye platform.
The token may already exist. Go to Settings > Access tokenThe Cye platform URL to configure authentication to the Cye platform in ServiceNow
ServiceNow instance
Client ID and secret from ServiceNow OAuth endpoint to be used by the Cye platform for authentication
Administrator access to the Cye platform and ServiceNow
Workflow
Authenticate with ServiceNow.
Create an access token in the Cye platform for ServiceNow to authenticate to the Cye platform.
Create an OAuth API endpoint in ServiceNow to provide the client ID and secret to be used in the Cye platform.
Map ServiceNow fields to the Cye platform fields.
Configure notification rules in the Cye platform to automate ticket creation in ServiceNow.
Create a webhook in ServiceNow and use the Cye platform access token and URL in a script to enable status sync.
Required IP Addresses
Allow traffic from the Cye platform's servers in your firewall:
General IPs:
Europe →
18.198.79.197America →
52.1.10.176,35.171.70.87
IPs for Azure and AWS Scans:
Europe →
18.158.77.90America →
34.206.252.13
Group Management and Integrations
Integrations are created only at the subsidiary level. Findings from an integration appear only in that subsidiary's dashboards and reports. Parent companies cannot create integrations — they can only view aggregated results. To enable Group Management, contact your CYE Technical Account Manager.
3. Configuring on the ServiceNow Side
Configuring OAuth in ServiceNow
Log in to ServiceNow and open Application Registries.
Click New and select Create OAuth API endpoint for external clients.
Fill in: Refresh Token Lifespan: 860,000,000 | Access Token Lifespan: 860,000,000 | Name: the Cye platform
Click Save then Submit. Open the new registry to get your Client ID and Client Secret.
4. Configuring in the Cye platform
Configuring Authentication
Go to Integrations → Data Integrations and click Add integration on the ServiceNow tile. Select the OAuth tab and enter your Instance name, username, password, Client ID, and Client Secret.
Configuring ServiceNow Fields
Complete the following fields in the Cye platform using values from your ServiceNow instance: Caller ID, Assignment group, Impact, Category, Urgency (mapped to Cye platform severity levels), and Sub-category. Click Save when done.
Automating ServiceNow Ticket Creation
Configure notification rules in the Cye platform under Settings > Notifications. Click + New notification, select Entity (Finding or Remediation assets), select Event, set optional conditions (Severity, Security Domain, Status), then select ServiceNow as the action.
Manual ServiceNow Ticket Creation
Go to the Findings page, select one or more findings shared with "Anyone with permission", and click the Create icon to create tickets. Or use the finding menu icon and select Create ticket > ServiceNow.
Creating a Webhook in ServiceNow
In the Cye platform, go to Settings > Access token to create or copy your Access Token and URL. In ServiceNow, open Business Rules, click New, and paste the following script (replacing the Cye platform URL and token):
(function executeRule(current, previous) {
try {
// using the Cye platform URL and access token
var r = new sn_ws.RESTMessageV2();
r.setEndpoint("https://Your-Cye-Platform-URL/api/v1/finding/service_now/status");
r.setHttpMethod("post");
r.setRequestHeader("Authorization", "Token YOUR_ACCESS_TOKEN");
r.setRequestHeader("Content-Type", "application/json"); var obj = {
"number": current.getValue("number"),
"sys_id": current.getValue("sys_id"),
"priority": current.getValue("priority"),
"state": current.getValue("state")
}; var body = JSON.stringify(obj);
r.setRequestBody(body);
var response = r.execute();
var httpStatus = response.getStatusCode();
gs.info("Webhook HTTP status: " + httpStatus); } catch (ex) {
gs.error("Error: " + ex.message);
}
})(current, previous);5. Viewing Results
View tickets in ServiceNow and check the Cye platform for the integration ticket ID. Filter findings by Source or by "With/Without tickets" on the Findings page. Click the ticket link in the Cye platform to open it directly in ServiceNow.
6. Deleting the Integration
Click Delete integration and confirm. Existing data in the Cye platform is retained.
To edit: click Edit Integration, make changes, click Save.
7. FAQs
What happens when a finding is reopened? → Finding status is not synced from the Cye platform to ServiceNow.
Are tickets created for pre-existing findings? → No, only new findings trigger ticket creation.
Do findings need to meet specific criteria? → Yes, they should be shared with everyone and have an open status.
Wrap-up
The ServiceNow integration with the Cye platform ensures full alignment between incidents and findings through two-way synchronization — streamlining remediation and keeping both platforms consistently up to date.