File vault Integration

Akshay Jadhav1
Tera Contributor

Hello All,

 

Does anyone know if it is possible to integrate with "FileVault" or "Bit locker"and extract passwords into ServiceNow, either directly or through Kandji or Endpoint Central?

@shreedevin 

@AnkurB 

 

Thank you

3 REPLIES 3

shreedevin
Giga Guru
Giga Guru

HI

Integrating FileVault (macOS disk encryption) with ServiceNow to extract passwords is a complex and potentially problematic task due to security and privacy concerns. FileVault is designed to securely encrypt data on macOS devices, and extracting passwords from it would generally be contrary to its security principles.

However, you can manage and enforce FileVault encryption through Mobile Device Management (MDM) solutions like Kandji or Endpoint Central. These solutions can help manage encryption keys, enforce encryption policies, and integrate with IT service management tools like ServiceNow for better visibility and management. 

import requests

# Kandji API credentials
KANDJI_API_URL = "https://api.kandji.io"
KANDJI_API_TOKEN = "your_kandji_api_token"
# ServiceNow API credentials
SERVICENOW_INSTANCE = "your_instance"
SERVICENOW_USER = "your_user"
SERVICENOW_PASSWORD = "your_password"

def get_kandji_filevault_keys():
headers = {"Authorization": f"Bearer {KANDJI_API_TOKEN}"}
response = requests.get(f"{KANDJI_API_URL}/v1/devices", headers=headers)
devices = response.json()
return devices

def update_servicenow(devices):
for device in devices:
if "filevault_recovery_key" in device:
data = {
"device_id": device["device_id"],
"filevault_recovery_key": device["filevault_recovery_key"],
}
response = requests.post(
f"https://{SERVICENOW_INSTANCE}.service-now.com/api/now/table/your_table",
auth=(SERVICENOW_USER, SERVICENOW_PASSWORD),
json=data
)
if response.status_code != 201:
print(f"Failed to update ServiceNow for device {device['device_id']}")

devices = get_kandji_filevault_keys()
update_servicenow(devices) 

Thanks and Regards
Shreedevi Narayana

Please mark this response as correct or helpful if it assisted you with your question.





Hi shreedevin,

Thanks for replying 

So you're claiming that this is feasible with the Kandji? Correct me if I am wrong, we need to integrate Servinow with Kandji, and Kandji has already receiving the password, therefore we will recover it from Kandji and transfer it to ServiceNow? Does your above message mean this?

 

yes