Configure Zscaler Internet Access product to identify and scan for unknown, potentially malicious files, such as Patient 0 events so that you can protect your network from malicious files.

Before you begin

Role required: sn_si.admin, Zscaler Internet Access admin

About this task

Patient O is an alert class that includes an unknown file that has been permitted to download but is found to be malicious. The patient 0 event is classified as critical. You can set up the ServiceNow AI Platform to receive email alerts at regular intervals for Patient 0 events.

Procedure

  1. Navigate to All > System Mailboxes > Administration > Email Properties.
  2. In the Inbound Email Configuration section, select the Email receiving enabled option.
    Figure 1. Inbound email configuration
    Configuring inbound email.
  3. Click Save.
  4. Navigate to System Mailboxes > Administration > Email Accounts.
    ServiceNow AI Platform SMTP email account.
  5. Select the ServiceNow SMTP email account.
    Note the user name. The user name that is identified here is the ServiceNow AI Platform email address that you use to configure in Zscaler for Patient 0 alerts.
    Figure 2. User name for the ServiceNow AI Platform SMTP account
    User name for the ServiceNow AI Platform SMTP account.
  6. Log in to the Zscaler Internet Access administration portal.
    Note: For more information on the Zscaler Internet Access administration portal, see the Zscaler documentation.
  7. Navigate to Administration > Alerts > Publish Alerts.
  8. Click Add Alert Subscription.
  9. On the form, fill in the fields.
    Table 1. Add Alert Subscription form
    Field Description
    Email ServiceNow AI Platform SMTP account email address.
    Description Field for adding more details about the Patient 0 alerts.
  10. Click Save.