Instance Security dashboard Use the Instance Security dashboard to gain awareness of security level controls, educate with security resources, and take steps to configure and maintain application security standards. Caution: To ensure that your dashboard receives up-to-date security information with every upgrade, do not customize the Instance Security Dashboard. Test all changes to security settings before implementing them in a production environment. Visit System Security > Instance Security Dashboard to view the security compliance score for your instance, learn more about recommended settings, and configure system properties from the following categories: Input Validation Ensure the application is robust against all forms of input data, whether obtained from the user, infrastructure, external entity, or database system. Access Controls Restrict user accounts to control resources on the instance. Authorization Apply authorization controls to the application. Authentication Configure credential and password requirements. Attachments Apply restrictions on all the attachments uploaded, downloaded, and managed on the instance. Session Management Ensure that cookies and other session-related information are securely managed. Security Best Practices Apply best practices to increase the effectiveness of base system security measures on the instance. Secure Communications Ensure that confidentiality and integrity are achieved through SSL certificates and associated metadata. Security Whitelisting Enforce security on unauthorized content. Email Security Apply inbound email configurations for additional security over the default configurations. Logging/Errors Apply logging and auditing strategies so that suspicious activity is identified and acted upon in a timely manner. Note: Some settings require the security_admin role to configure. The Instance Security dashboard can only be modified in the Global scope. You can return to the Instance Security dashboard at any time to adjust your settings and manage the overall security health of your instance. The dashboard automatically updates based on the properties set on your instance. The Instance Security dashboard generates a compliance score based on guidelines in the ServiceNow instance hardening customer security document. Note: The Failed login attempts Today dashboard item only displays local logins. Failed SAML logins do not display.