New hardening settings for baseline version 2.0

  • Release version: Zurich
  • Updated July 31, 2025
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of New Hardening Settings for Baseline Version 2.0

    Security Center baseline version 2.0 introduces enhanced hardening settings to improve the security posture of your ServiceNow instance. These updates build upon previous versions (1.3 and 1.5) and are designed to enforce stricter access controls, session management, data protection, and application security measures in accordance with the Zurich release.


    Key Features

    • Access Control Enhancements: Includes checking archive table ACLs, enforcing scoped ACL access for information request playbooks, requiring write access for service catalog item pages, and ensuring dashboard creation/deletion requires access checks.
    • Session and Integration Security: Limits active session lifespans for integrations, UI, and guest users, proactively invalidates inactive sessions, and defines exception roles for active session timeouts.
    • Application and API Security: Enables hardened Java Security Manager, restricts OAuth parameters to POST body, disables legacy GlideRecord Scope Fencing, requires secure insert multiple operations in import set APIs, and validates file mime types in SOAP web services.
    • Certificate and Authentication Controls: Verifies certificate revocation with enforced OCSP checks, controls certificate-based authentication, and requires CAPTCHA for guest walk-up experiences.
    • Data Protection and Privacy: Enforces device encryption and passcode requirements, clears pasteboard when mobile apps background, limits attachment sizes in training/prediction flows, hides user comments on articles, and restricts HR case updates from personal emails.
    • Audit and Logging: Enables MID audit logs and logs session audit events to improve traceability and compliance.
    • Security Policies and Protocols: Sets safe content security policies for SVG files, and enforces strict elevate privilege, anti-CSRF token validation time, a secure referrer policy, and scope security for public sector digital services.
    • Additional Controls: Disallows target cloning, requires JMS connection factories, and restricts knowledge base access to enhance data integrity and limit unauthorized access.

    Key Outcomes

    By implementing these baseline 2.0 hardening settings, ServiceNow customers can expect:

    • Stronger protection against unauthorized access and data breaches through improved ACL enforcement and session management.
    • Enhanced security for integrations, APIs, and mobile applications, reducing attack surfaces.
    • Improved compliance with security policies and regulations by enforcing encryption, certificate validation, and audit logging.
    • Greater control over user activities and content sharing to safeguard sensitive information.
    • A more secure environment aligned with modern security best practices tailored for the ServiceNow Zurich release.

    New hardening settings have been released with Security Center baseline version 2.0.