Service Graph Connectors for Security Posture Control

  • Release version: Zurich
  • Updated August 18, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Service Graph Connectors for Security Posture Control

    Security Posture Control uses Service Graph Connectors (SGCs) as a primary source for asset data to identify security gaps within your environment. These connectors integrate with various data sources to provide comprehensive visibility into your assets, helping you maintain and improve your security posture. The connectors are available as integration applications from the ServiceNow Store, which you can download and activate based on your organizational needs.

    Show full answer Show less

    Key Features

    • Wide variety of supported categories: The connectors cover numerous asset categories including Digital Employee Experience, Discovery, Endpoint Management (e.g., Microsoft Intune, Jamf), IT Asset Management, Infrastructure Monitoring, Networking, Network Security, Network Performance Monitoring, Configuration and Patch Management (e.g., Microsoft SCCM, IBM Bigfix), Endpoint Protection (e.g., CrowdStrike, SentinelOne), Cloud Providers (Amazon AWS, Microsoft Azure, GCP), Application Performance Monitoring, Directory Services (Microsoft Active Directory), and Vulnerability Assessment (e.g., Qualys, Rapid7, Tenable).
    • Cloud Discovery Exception: If Cloud Discovery is activated, separate cloud provider connectors are not required.
    • Asset and Connector Mapping: After installation, you can view connector details and asset mappings within your ServiceNow instance on specific tables ([snsecspccoreconnector] and [snsecspccoreassettypeconnector]), facilitating management and configuration.
    • Integration with ServiceNow Products: Supports complementary ServiceNow products like Software Asset Management (SAM) and Hardware Asset Management (HAM) to identify discrepancies between software reported by vulnerability scanners and software accounted for in your asset management systems.

    Practical Use and Next Steps

    • Choose and download the relevant Service Graph Connectors from the ServiceNow Store to match your asset categories and security goals.
    • Activate the downloaded applications in your instance to start ingesting asset data.
    • Leverage the connector and asset type tables to monitor and validate data integration.
    • Use the combined data with SAM and HAM to detect and resolve discrepancies, enhancing your security posture accuracy.
    • Refer to ServiceNow documentation for detailed guidance on downloading, configuring, and activating these connectors to ensure proper setup.

    By utilizing Service Graph Connectors, you enable Security Posture Control to aggregate comprehensive asset data, which is essential for identifying and mitigating security risks effectively within your IT environment.

    Security Posture Control relies on API integrations or Service Graph Connectors as a key source for the asset data used to identify security gaps.

    Security Posture Control currently supports service graph connectors (SGC)s that can provide you with a wide variety of data about your assets. These integration applications are available from the ServiceNow Store.

    Choose the connectors you want to use and download the applications and activate them. The list of supported connectors in the Store will grow as Security Posture Control supports more connectors.

    To take full advantage of Security Posture Control features, you might want to download and activate the following Service Graph Connector products to support the categories listed below.

    Service graph connectors supported by Security Posture Control currently include the following categories:

    • Digital Employee Experience
    • Discovery
    • Endpoint Management: Microsoft Intune or Jamf Device and Endpoint Management.
    • IT Asset Management
    • Infrastructure Monitoring
    • Networking
    • Network Security
    • Network Performance Monitoring
    • Configuration and Patch Management: Microsoft SCCM or IBM Bigfix.
    • Endpoint Protection: CrowdStrike or SentinelOne.
    • Cloud Provider: Amazon AWS Cloud, Microsoft Azure, GCP.
      Note:
      If Cloud Discovery is activated, these service graph connector products are not required.
    • Application Performance Monitoring
    • Directory Services (Active Directory) Microsoft Active Directory
    • Vulnerability Assessment: Qualys, Rapid7, or Tenable.

    After you install them, you can view the connectors and their categories on the connector table [sn_sec_spc_core_connector] in your instance.

    You can view Asset types and how they map to CI classes and Connectors on the [sn_sec_spc_core_asset_type_connector] table.

    See Supported hardware service graph connectors for Security Posture Control and Supported software service graph connectors for Security Posture Control for more information and examples of these tables. Although not extensive lists, you can see how the supported connectors provide a wide variety of data.

    Security Posture Control supports ServiceNow products such as Software Asset Management (SAM) and Hardware Asset Management (HAM) that you can use along with service graph connectors to help you to look for any discrepancies that exist between the installed software reported by your vulnerability scanner products and the software reported by scanners that is already accounted for in SAM and other ServiceNow products.

    For more information about downloading, configuring, and activating supported applications for service graph connectors, see the following topics: