How to resolve scan finding

Robert Hames
Giga Expert

‎07-20-2022 11:59 AM

We had a security scan run on our instance, and there is one finding that I don't know how to resolve.

Short description: There is a dedicated integration user that runs actions in place of the default

Resolution details: Run as user in automated scripts should have internal_integration_user field checked in user record

This finding is there for each of my scheduled script executions. When I created them, I presumed that the system user would run them. Now, apparently I need to designate a user, and have the above mentioned field checked in the user record.

Do I need to setup a designated user and check this field? If so, what roles should that user have?

Any help/suggestions would be appreciated!

Labels:
  • 1,214 Views
8 REPLIES 8

Aman Kumar S
Kilo Patron
In response to Robert Hames

‎07-28-2022 07:41 AM

Well, if it is the case, raise a HI ticket for get to the bottom of this, if your user acc has the required check box marked, it should resolve the issue.

Best Regards
Aman Kumar
0 Helpfuls

Mark Roethof
Tera Patron
Tera Patron

‎07-28-2022 09:48 AM

Hi there,

What kind of security scan, can you share a bit more? Is it a scan from ServiceNow, like HealthScan? Something else?

Anyway, because someone scans your instance and has findings, doesn't mean you have to follow everything or just agree on everything. Also push some back, ask, etcetera! Because something is a ServiceNow best practice, does not make it your best practice.

I do have a similar Scan Check setup in my Instance Scan. Actually I do filter out the admin user 🙂 See below:

find_real_file.png

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP

---

LinkedIn
Community article, blog, video list

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

Preview file
57 KB
0 Helpfuls

Aman Kumar S
Kilo Patron
In response to Mark Roethof

‎08-01-2022 02:50 AM

Totally agree there, there are few instances that we have faced during these health scans where what OOB configs would have followed, if we end up doing the same, those get caught up in the findings. 

Can be tricky sometimes, where to draw the line.

Best Regards
Aman Kumar
0 Helpfuls

Luiz Guilherme
Tera Contributor

‎08-15-2022 12:31 PM

Hello @Robert Hames , please let me know your findings, if you could solve this problem, because I am in the same place. Thank you

0 Helpfuls