Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Instance security dashboard and settings

Log in to subscribe to topics and get notified when content changes.

Instance security dashboard and settings

Use the Instance Security dashboard to gain awareness of security level controls, educate with security resources, and take steps to configure and maintain application security standards.

Caution: To ensure that your dashboard receives up-to-date security information with every upgrade, do not customize the Instance Security Dashboard. Test all changes to security settings before implementing them in a production environment.

Visit System Security > Instance Security Dashboard to view the security compliance score for your instance, learn more about recommended settings, and configure system properties from the following categories:

Input Validation
Ensure the application is robust against all forms of input data, whether obtained from the user, infrastructure, external entity, or database system.
Access Controls
Restrict user accounts to control resources on the instance.
Apply authorization controls to the application.
Configure credential and password requirements.
Apply restrictions on all the attachments uploaded, downloaded, and managed on the instance.
Session Management
Ensure that cookies and other session-related information are securely managed.
Security Best Practices
Apply best practices to increase the effectiveness of base system security measures on the instance.
Secure Communications
Ensure that confidentiality and integrity are achieved through SSL certificates and associated metadata.
Security Whitelisting
Enforce security on unauthorized content.
Email Security
Apply inbound email configurations for additional security over the default configurations.
Apply logging and auditing strategies so that suspicious activity is identified and acted upon in a timely manner.
Note: Some settings require the security_admin role to configure. The Instance Security dashboard can only be modified in the Global scope.

You can return to the Instance Security dashboard at any time to adjust your settings and manage the overall security health of your instance. The dashboard automatically updates based on the properties set on your instance. The Instance Security dashboard generates a compliance score based on guidelines in the ServiceNow instance hardening customer security document.

Note: The Failed login attempts Today dashboard item only displays local logins. Failed SAML logins do not display.