Penetrating testing on NowAssist skills

ubhimani
Tera Contributor

Is there a way to perform penetration testing on the NowAssist module directly without using the UI interface?

3 REPLIES 3

kalpanashar
Tera Contributor

 

Direct penetration testing (outside the UI) on Now Assist or any module is not permitted unless explicitly approved by ServiceNow.  I think customers can request penetration testing on a sub-production instance by submitting a formal request through the Hi Support Portal. This includes testing APIs, integrations, and backend logic provided it’s scoped and approved.

 

abirakundu23
Mega Sage

Hi @ubhimani,
Yes It is possible penetration testing in ServiceNow Now Assist product.


1. You can use Now Assist Guardian which is Security layer of Now Assist. It can detect  Offensive prompt while LLM process the Prompt. To get more details and please follow the below links.

https://www.servicenow.com/community/now-assist-articles/nowassist-guardian-a-comprehensive-guide-fo...

https://www.servicenow.com/docs/bundle/yokohama-intelligent-experiences/page/administer/now-assist-p...

2.Another approach, ServiceNow exposes various APIs, such as REST, SOAP, and JSONv2, which can be used to interact with the Now Assist module programmatically.

Please mark helpful and correct answer if it's worthy for you.

rpriyadarshy
Mega Guru

Hi Ubhimani

 

Pen Test for Service Now Instance and then a specific module of Service-Now. Service-Now Runs a PEN TEST Program and it can be utilized. 

FAQ- Customer Penetration Testing Program FAQ - Support and Troubleshooting

Process Overview- Customer Penetration Testing Process Overview - Support and Troubleshooting - Now Support Portal

Pen Test Policy- Customer Penetration Testing Policy - Support and Troubleshooting - Now Support Portaly

 

Regards

RP