Secure by Default

We add new security properties to each release of the Now Platform and provide specific recommendations about how to enable these properties within the ServiceNow Instance Hardening Guide. As a customer, you benefit from the services we provide that support application security, malware protection, network security, system configuration, Identity and Access Management (IAM), security response, and data protection.

A high‑security plugin provides advanced security options that can be enabled in all new ServiceNow instances. The plugin enforces the default deny access mode, enables access control rules, and provides elevated access functionality and security‑related roles for a customer’s instance administrators.

The plugin also includes out‑of‑the‑box security‑related properties. For example, you can set restrictions on the nature and types of attachments that can be uploaded into the instance, how those attachments behave when downloaded, and other hardening attributes.

Existing customers can access the ServiceNow Instance Hardening Guide through our customer support portal.