Regarding Zscaler integration with security incident response

KarthikReddyN
Tera Contributor

‎03-06-2025 02:18 AM

Hi All,

I need to perform a task on Security Incident Response Module, where i need to integrate the Zscaler application to servicenow from scratch.
i struct with the admin account creation part in zscaler.
can anyone of you guide me am i on the right path or not.....?

your guidance is really helpful to me.

Thanks in Advance,
Karthik


0 Helpfuls
  • 856 Views
2 REPLIES 2

Eliz Skogquist
ServiceNow Employee
ServiceNow Employee

‎03-07-2025 07:50 AM

Hi KarthikReddyN,

 

Are you able to use the SIR integration to Zscaler from the ServiceNow store: https://www.servicenow.com/docs/bundle/yokohama-security-management/page/product/secops-integration-... ?

0 Helpfuls

VaranAwesomenow
Mega Sage

‎04-29-2025 01:32 AM

As @Eliz Skogquist mentioned there is a store app Security Incident Response Integration with Zscaler - ServiceNow Store which performs following functions

he Security Incident Response integration with Zscaler enables Security Analysts to do the following:
  • Perform a reputation lookup of observables against the global threat library maintained by Zscaler.
  • Add or remove observables from the block list or allow list on Zscaler.
  • Retrieve and review sandbox reports from Zscaler for an MD5 hash.
In addition, this integration also supports creating a security incident from Patient 0 alerts that are generated in Zscaler when a user downloads an unknown malicious file.
 
You can refer to the data model of this app if you are interested in under the hood details of the app
Checkout Varan awesomenow youtube channel for more learning videos!
0 Helpfuls