Instance Security Center to ServiceNow Security Center migration

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Instance Security Center to ServiceNow Security Center migration

    ServiceNow is transitioning customers from the legacy Instance Security Center (ISC) to the modern ServiceNow Security Center (SSC), with ISC sales ending by September 2024. SSC offers enhanced security management for ServiceNow deployments, enabling organizations to improve security posture and compliance through an improved, integrated user experience. This migration guide highlights key differences, functional enhancements, and how to perform tasks in SSC that were previously handled in ISC.

    Show full answer Show less

    Key Features

    • Security Hardening: SSC allows users to review and manually update compliance scores via the Overview or Hardening comparison pages. Settings can be configured directly through linked setting names. Additionally, SSC supports scheduling automatic compliance score recalculations by configuring the SC - Calculate Compliance Monthly scheduled script execution.
    • Security KPIs and Metrics: SSC enhances KPIs by showing score trends over time and consolidates all KPIs and metrics into a single interface with advanced analytics. Over 65 new metrics have been added, with capabilities to create targets and thresholds for effective monitoring. Metrics can be accessed through the Overview > Metrics menu or via All metrics.
    • Security Scanner: SSC introduces new scanning functionalities, including manual or scheduled scans, customizable scan checks and suites, and the ability to compare results between scans. Email notifications can be configured to alert users of security events. Scans are managed through Overview > Scan with suites and results views.
    • Additional Security Features: SSC integrates session monitoring through the Analytics Hub, accessible via Metrics > Sessions. All learning resources are centralized under Overview > Learning. Users can also opt out of Security Center features following documented guidelines.

    Practical Application for ServiceNow Customers

    By migrating to SSC, customers gain access to a comprehensive, user-friendly security platform that consolidates monitoring, metrics, scanning, and compliance management. The enhancements simplify ongoing security maintenance and provide greater insights into security posture trends. Customers should plan to transition before ISC reaches end of sales and leverage SSC’s scheduling and notification features to maintain proactive security oversight.

    For disabling legacy ISC components while using SSC, customers should refer to the appropriate ServiceNow knowledge base article to ensure smooth coexistence and migration.

    Learn the key differences when migrating from Instance Security Center (ISC) to ServiceNow Security Center (SSC).

    Important:

    Instance Security Center is a legacy product that will reach the end of sales by September 2024. ServiceNow Security Center is the recommended solution for customers to adopt going forward. For more information, see the deprecation process article (KB0867184) in the Now Support knowledge base.

    ServiceNow Security Center (SSC) is a security application that consists of a set of purpose-built tools designed to help organizations maintain the security of their ServiceNow deployments. Using SSC, organizations can improve their security posture, strengthen their compliance levels, and do so with a seamless user experience.

    Use this document to learn about SSC enhancements in functionality and how to execute tasks in SSC that were previously done in ISC.

    Security hardening

    Feature enhancements ISC vs SSC
    User interaction updates
    • Review latest score by navigating to the Overview or hardening comparison page.
    • Manually update latest score by navigating to Overview and selecting update score.
    • Change setting configuration by selecting a setting name link on any of these pages and then make edits on the Settings detail page:
      • Overview
      • Hardening > All settings
      • Hardening > Comparison
    Set a schedule for to recalculate your compliance score Using SSC, you can set when the system triggers a refresh of your compliance score.
    1. Navigate to the Scheduled Script Executions [sysauto_script] table.
    2. Find and open the SC - Calculate Compliance Monthly record.
    3. Use the Run, Day, Time zone, and Time fields to set your preferred schedule. Fields used to configure compliance calculation schedule
    4. Select Update to save your changes.

    Security KPIs and metrics

    Feature enhancements ISC vs SSC
    Enhancements to KPIs Using SSC, you can:
    • See the trend of the score over time.
    • Monitor all KPIs and metrics using the same interface and analytical capabilities.
    Enhancements to metrics SSC includes these metrics enhancements:
    • Over 65 metrics have been added.
    • Monitor and analyze KPIs and metrics from a single user interface.
    • Create targets and thresholds for metrics.
    User interaction updates Access Metrics in SSC by navigating to Overview > Metrics, and then selecting metric from the navigation menu. Alternatively, you can navigate to All metrics.

    Security scanner

    Feature enhancements ISC vs SSC
    New functionality SSC includes these functions:
    • Manually execute scans or schedule them to run at specific times.
    • Create your own scan checks.
    • Create your own scan suite.
    • Compare the results of two scans.
    Enhanced email functionality Set up email notifications to stay informed about security events on your instance.
    User interaction updates
    • Run the Auditor scan by navigating to Overview > Scan > Suites and selecting Auditor suite from the list.
    • See scan results by navigating to Overview > Scan > Results.

    Additional security features

    Feature enhancements ISC vs SSC
    Monitor sessions functionality
    • Visualize session activities using the Analytics Hub.
    • Monitor session activity by navigating to Metrics > Sessions.
    Find resources Access all learning resources in a single page at Overview > Learning.

    Opt out of Security Center features

    To disable Security Center features on your instance, follow the steps provided in KB1702514: Guidelines to disable Instance Security Center components (while using Security Center).