Install and configure the ICAP DLP integration

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • Install and configure the  provider ICAP DLP integration from the  ServiceNow® Store on your  ServiceNow AI Platform instance. Start investigating DLP incidents using the  provider ICAP DLP incident data.

    Before you begin

    Role required: sn_dlir.admin

    Procedure

    1. Download the  provider ICAP DLP integration from the  ServiceNow® Store and install it.
    2. Navigate to Security Operations > Integrations  > Integration Configurations.
    3. Search for the  DLP Incident Response Integration with ICAP tile and click  Configure.
    4. On the form, fill in the fields.
      Table 1. ICAP DLP Integration Configuration form
      Field Description
      Region Name Region name of the Amazon S3 bucket name.
      Transaction Data Bucket Name Transaction data bucket name is the bucket where a DLP violation transaction has occurred.
      Evidence File Bucket Name Evidence file bucket name is the bucket where you can find the DLP file that caused the violation.
      Access Key AWS IAM access key for the ICAP configuration.
      Secret Key AWS IAM secret key for the ICAP configuration.
      Configure the DLP Incident Response integration with ICAP.
    5. Click Submit.

    Result

    Note:
    Please connect ICAP sub prod to the ServiceNow sub prod. Keep all the username and passwords in sync across the instances to avoid accounts getting logged out.
    After you successfully validate and submit the configuration, the ICAP DLP Integration configurations is saved.