Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Questions on security for portal that are made available to unauthenticated public users

Eva Tee
ServiceNow Employee
ServiceNow Employee

2 hours ago

What security mechanisms are put in place for portal that are made available to unauthenticated public users? 

 

 

Does ServiceNow apply WAF-level controls specifically for public ServiceNow URLs/pages, including:

    • Geo-fencing (e.g. restricting access to certain countries or IP ranges)
    • Bot / automated-attack detection and blocking
    • Spam limitation measures (e.g. IP reputation/tracking, rate limiting)

 

0 Helpfuls
  • 96 Views
1 REPLY 1

Simon Hendery
Tera Patron
Tera Patron

33m ago

Hi @Eva Tee!

 

I'm guessing this is a question on a vendor questionnaire that you're attempting to answer?

 

I'm pretty sure the short answer is 'yes' but this is really something you need to confirm internally, from ServiceNow's own web development team.

 

It's not really something that can be answered accurately or authoritatively by the Community ... unless there is an employee with knowledge of the company's website security practices who happens to be reading?

0 Helpfuls