We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

rebekaharsa
ServiceNow Employee

Hardening.jpg

 

If you've spent any time in Security Center, you've most likely seen your hardening compliance score. Maybe you've glanced at it and moved on. Maybe you've wondered what's actually dragging it down. Either way, that score means more than it looks like, and it's worth understanding what's behind it.

 

The math behind the number

 

Screenshot 2026-07-15 at 7.35.15 AM.png

 

Every hardening setting on your instance gets a score somewhere between 0 and 1, based on how much it impacts your score. Your compliance score is calculated by adding up everything that's compliant (plus anything with an accepted risk, more on that in a bit), divide by the total possible risk score across every setting, and multiply by 100.

 

For example, let’s take a total compliant and accepted-risk scores of 25.4, out of a possible 34.9, gets you to roughly 73%.

 

All settings

 

Screenshot 2026-07-15 at 7.31.21 AM.png

 

Now let's look at all of the hardening settings, this is the page you'll spend the most time on. Every hardening setting lives here, and you can filter it down based on priority, score impact, compliance status or any other column instead of scrolling through the entire baseline every time.

 

Screenshot 2026-07-15 at 7.38.22 AM.png

 

Diving into any individual setting, you get everything you need in one place: whether it's compliant, the score impact, a priority rating from 1 to 4, the functional impact, step-by-step instructions with a link to documentation, and an accept compliance risk section.

 

Trend and comparison

 

Screenshot 2026-07-15 at 7.41.21 AM.png

 

The score itself is a snapshot, but Security Center also gives you a trend view, so you can see whether your score has actually moved over time, or if it's been flat since the last time someone looked at it. It also shows a list of all the different times your score was recalculated where you can see the score percentage as well as the total non-compliant settings.

 

Screenshot 2026-07-15 at 7.43.54 AM.png

Another great feature is being able to compare two points in time to see which settings changed and how it affected the overall score. You can also see the total list of settings that changed between these two points in time, as well as their priority and security area showed in bar graphs.

Accept Risk

 

Screenshot 2026-07-15 at 7.46.44 AM.png

 

Not all hardening settings will apply to your organization, and before they would just sit there and blend in with the rest of the non-compliant settings.

 

Accept Risk changes that. If you've reviewed a setting and decided the current risk is acceptable, you can accept it and document your reasoning right on the setting itself. It counts the same as compliant in your overall score, but now there's an actual explanation attached to it instead of a silent gap. This not only cleans up your compliance score, but also shines light on the actual hardening settings that still need to be configured or looked at.

 

Note: this is a new feature introduced in the Australia release, if its not available on your instance you may have to update your Security Center version.

 

It’s included on your instance already

 

The best part? None of this requires extra licensing or a separate tool. It's already in Security Center, on every instance. The settings that make up your score aren't random, they're built around what actually reduces risk on your platform. Ignoring the score doesn't make the gaps go away, it just means nobody's decided anything about them yet. Hardening gives you a way to actually decide.

 

Want to see it in action?

 

Sign up for our next live session here!

 

Have questions or want to request a certain topic? Reach out anytime at InstanceSecurity@servicenow.com, we'd love to hear from you.

 

Catch up on past sessions on the ServiceNow Community YouTube Channel.