Integrate Cisco CUCM Security Vulnerability Workflow with Service Now

In the last post, we went through the process of identifying & collecting information on security vulnerabilities on Cisco CUCM product. In today’s post, we will be taking this use case a notch further by integrating our program that identifies security vulnerability on CUCM with Service Now. The idea is to not just grab vulnerability details, put that in an excel file and store that file on a local computer. In an actual managed services environment, we would want to have a mechanism that lets us know what sort of vulnerabilities are open and what actions have been taken to remediate them. This requires appropriate documentation in the form of tickets and that’s where Service Now comes in.

Before we go any further, we first need to have an appropriate role based access to a Service Now instance that would allow us to interact with its APIs. My recommendation is to first work with your internal teams and gain access to a staging or sandbox instance of Service Now, if possible. It’s not such a good idea to push your code directly onto a production instance.

Alternatively, you can also become a member of Service Now’s Developer network and spin up an instance in the cloud. As a part of this tutorial. This is what we will be doing in this tutorial. The table of contents is given below. You can click on the links to jump to relevant sections.

1. Get a SNOW Developer Account
2. Request a SNOW Instance
3. Creating an Incident in SNOW
4. Attaching a file to an Incident
5. The Result
6. Github Repository

To explore the article in detail and go through the code, please head over to the following link