Home Madrid Release Notes Madrid release notes Release notes summaries for Madrid features New features and products in Madrid

New features and products in Madrid

Cumulative release notes summary on new Madrid features and products.

New products were introduced in Madrid, and additional features were added to existing ServiceNow products.

Application or feature

Details

API

Table 1. New scoped classes and additional methods to existing scoped classes
Class	Activated with	Methods
FlowAPI	Flow Designer	executeAction() executeFlow() executeSubflow() setEncryptedOutput() startAction() startFlow() startSubflow()
GlideRecord - Scoped	Now Platform	isEncodedQueryValid()
Notify - Scoped	Notify	hasCapability()

Table 2. New global classes and additional methods to existing global classes
Class	Activated with	Methods
Agent	Advanced Work Assignment	getPresence() setPresence()
MLPredictor	Agent Intelligence	applyPrediction() applyPredictionForSolution() findActiveSolution() findActiveSolutionsForRecord() getPredictedValue() getPredictions() isClassificationSolution() isSimilaritySolution() recordFinalValuesInPredictionResults()
Notify	Notify	hasCapability()
OnCallRotation	Now Platform®	getPrimaryUsers() getPrimaryUserByRota() getPrimaryUserNameByRota() getEscalateesAt()
Queue	Advanced Work Assignment	route()

Table 3. New client classes and additional methods to existing client classes
Class	Activated with	Methods
GlideFlow	Flow Designer	getExecution() startAction() startFlow() startSubflow() awaitCompletion() getExecutionStatus() getOutputs()
NotifyClient	Notify	addEventListener() destroy() getStatus()

Table 4. New REST APIs and additional endpoints to existing REST APIs
API	Activated with	Endpoint
Agent	Advanced Work Assignment	GET /api/now/awa/agents/{sys_id} PUT /api/now/awa/agents/{sys_id}
Change Management	Change Management	DELETE /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} DELETE /sn_chg_rest/change/emergency/{sys_id} DELETE /sn_chg_rest/change/normal/{sys_id} DELETE /sn_chg_rest/change/standard/{sys_id} DELETE /sn_chg_rest/change/{sys_id}/conflict GET /sn_chg_rest/change/{change_sys_id}/task GET /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} GET /sn_chg_rest/change/emergency GET /sn_chg_rest/change/emergency/{sys_id} GET /sn_chg_rest/change/normal GET /sn_chg_rest/change/normal/{sys_id} GET /sn_chg_rest/change/standard GET /sn_chg_rest/change/standard/{sys_id} GET /sn_chg_rest/change/standard/template GET /sn_chg_rest/change/standard/template/{sys_id} GET /sn_chg_rest/change/{sys_id}/conflict PATCH /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} PATCH /sn_chg_rest/change/emergency/{sys_id} PATCH /sn_chg_rest/change/normal/{sys_id} PATCH /sn_chg_rest/change/standard/{sys_id} PATCH /sn_chg_rest/change/standard/{sys_id}/risk PATCH /sn_chg_rest/change/{sys_id}/approvals POST /sn_chg_rest/change/normal POST /sn_chg_rest/change/emergency POST /sn_chg_rest/change/{change_sys_id}/task POST /sn_chg_rest/change/standard/{standard_change_template_id} POST /sn_chg_rest/change/{sys_id}/conflict
Queue	Advanced Work Assignment	POST /api/now/awa/queues/{sys_id}/work_item

Agent Intelligence

Similarity framework: Use the Agent Intelligence similarity framework to build a word corpus (a collection of machine-readable text that is assembled for the purpose of research) to compare trained records that are based on textual similarity.
Create and train a similarity solution: Create and train a solution that applies machine learning to train the word corpus to target and recommend similar records in your instance data set.
Review solution similarity examples: Review the similarity examples and scores that the system provides during solution training. Determine if you need to update the similarity score threshold of your trained solution.
Update your similarity score threshold: Update the similarity score threshold value if you want the results that are returned by the solution to be more or less similar.
Agent Intelligence for Event Management: Use your instance records to build Event Management-specific machine-learning solutions.
MLPredictor - Global: Use the utility methods in this API for Agent Intelligence predictions.

Agile Development 2.0

Quick start tests for Agile Development 2.0: Validate the continued functionality of Agile Development 2.0 after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Performance Analytics Content Pack for Agile 2.0: Install the Performance Analytics Content Pack for Agile 2.0 application from the ServiceNow Store. Performance Analytics Content Pack for Agile 2.0 contains preconfigured dashboards with data visualizations that help you improve your Agile processes and practices.

Antivirus Scanning

Configure Antivirus Scanning: Configure Antivirus Scanning across your instance and at the table level.
Dictionary attributes for Antivirus Scanning: As an administrator, you can set the values of dictionary attributes to modify the behavior of the default Antivirus Scanning configuration.
Review antivirus activity: The Antivirus Activities log tracks all activities that occur on potentially infected files from the point that they are discovered and placed into quarantine.
Review quarantined files: Review quarantined file attachments and take further action as needed.

Application Portfolio Management

Enhancements in Technology Portfolio Management Timeline (TPM)

Retrieve the business applications risk data stored in the Business Application Risks [sn_apm_tpm_business_application_risk] table. Risks of all business applications are calculated and the data are stored in the risks table to make optimal use of the risk engine. Since risks are stored and retrieved from the table, their retrieval is faster when loading the Technology Portfolio Management timeline or the Capability Based Planning portal. Execute the Load TPM Risk Parameters and compute Business Service Risks scheduled job daily to obtain the real-time status of risks your business applications are exposed to in a given day. Running this job populates the business risks table.
Relate the software models that the suggestions engine picks up to your application service instead of searching for and then mapping them manually. You can easily manage the results of two subsequent runs of the software models suggestions engine by reviewing the new software models suggested by the engine in the latest run.
Navigate to Business Application Risk Values in the applications menu to view the risk record of each business application.
View the risk scores at the risk parameter level by clicking the risk bubble of the software model in the TPM timeline.
Filter business applications based on their risk factor using the business application risk filter.
Select the By Product Classification view to dynamically load software models, business applications, and application services in the timeline. All technology categories or product classifications are loaded as the page loads.

Application roadmap

Use the graphical view of the application roadmap that opens in an investment portal, which is exclusive to Application Portfolio Management, to view all the projects and demands that are planned for a business application in a fiscal year.

Application assessment indicators

Fetch cost data from the IT Financial Management buckets using the seven cost indicators to assess the performance of business applications in Application Portfolio Management. Know the exact amount that is allocated to a business application from a cost bucket using the preconfigured L2 Costing — Business Applications cost model.
Use the APM application indicators to get the count of all incidents that are associated to a business application, and derive the relative weight of the application. The incident indicators gather data at an instance level and then bundle them up at the application level.

Quick start tests for Application Portfolio Management

Validate the continued functionality of Application Portfolio Management after any configuration change such as an upgrade or after developing a new application. All test suites and tests should pass using a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Application security

Instance security center: Monitor the compliance level of instance security controls, view security event monitoring metrics, configure and maintain instance security settings. The Instance Security Center consolidates several key security components into a single comprehensive control console that helps you detect, protect and respond to instance based security events.

Approvals

Embed an approval request within the Outlook email client: Embed an interactive approval request for service catalog requests in the email notification sent to a user. The user can accept or reject the approval request from the email client.
Mobile experience for Approvals: Approve catalog requests, requested items, or change requests from anywhere using the ITSM ServiceNow Agent application.

Assessments and Surveys

Question Bank module: Add question categories (metric categories) and questions (metrics) in the Question Bank module so that you can reuse them when you create or update a survey. This module is available for all evaluation types, that is, surveys, assessments, and quizzes.
The demo data for the question bank is available only when you activate the Survey Question Bank Sample Data plugin (com.snc.question_bank_data). This demo data is available for surveys in the Platform UI and Survey Designer (under Questions and Categories tabs).
Embedded survey within the Outlook email client: Embed an interactive survey in the email notification that is sent to the user by selecting the Outlook Actionable Message check box in the survey definition. Your users can answer the survey questions and submit the survey from the email client instead of opening it in a new browser tab.
Note: To use this feature, you must activate the Outlook Actionable Messages plugin (com.sn_ms_oam).
Ability to take a survey in the Connect chat client: Configure a survey in the Connect chat client by using the Chat Survey module. When a support agent ends the chat, the survey URL is displayed.
Note: To use this feature, you must activate the Connect Support plugin (com.glide.connect.support).
Recipients list: Send a survey invite to a targeted set of users by using a recipients list. Using the dynamic condition method, you can create a dynamic recipients list that can be used for multiple surveys.
Localization for a public survey: Use the Enable/Disable whether to show language picker when a public survey is taken property to enable a language picker for a public survey. When a survey user takes the survey, it is first available in the language that you set. However, the user can use the language picker to change the language of the survey. Localization is also applicable to Service Portal.
Note: You must activate the language plugins for each language that you want your surveys to be available in.
Quick start tests for surveys: Validate that Assessments and Surveys still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Authentication

Support JSON Web Tokens (JWT) for external API providers: JWTs provide the capability to configure server-to-server API interactions between ServiceNow and external API providers without requiring any user intervention. This support enables IntegrationHub or other automated tasks using JWTs to configure API and Service integrations with different providers.
Guest Session Timeout property: This new property, glide.guest.session_timeout, decouples a session timeout for a guest session from the glide.ui.session_timeout.
Support Facebook authentication: Your Facebook user account can link to your ServiceNow user account to perform actions, such as pre-set conversations or notifications, through a conversational bot platform.

Automated Test Framework

Automated Test Framework Properties: Enable tests with Custom UI steps to capture page data each time they are run.
Custom UI test steps: Test customized user interfaces such as UI pages and UI macros by retrieving their HTML and JavaScript page components and identifying the test actions they support.
Page Inspector: Identify which HTML and JavaScript page components of your user interfaces are available for custom UI testing. Enable automated testing by ensuring your user interfaces only contain testable page components.
Develop testable custom components: Change the testing properties of a particular page component using Automated Test Framework-specific HTML attributes.
Parameterized tests: Run a test multiple times with different test data for each run. Create parameters to store test data for each test run.
Add tests to a suite with a filter: Automate the creation of test suites by using a filter to dynamically add tests to a test suite when they match the filter conditions. Reduce the time that your test designers spend manually creating and maintaining test suites.
Available quick start tests by application or feature: Validate that your instance still works after you make any configuration change such as apply an upgrade or develop an application. Copy and customize the ServiceNow-provided quick start tests to pass when using your instance-specific data.

Change management

New features added to Conflict detection

Change conflict scheduling: When potential change scheduling conflicts are identified, change conflict scheduling identifies dates and times where no conflict exists and provides a new Scheduling Assistant user interface that allows a change requester or fulfiller to select a date and time with no conflicts. To take advantage of this new feature, activate the following two new properties:
- Define the number of days to be factored after the respective Planned start/end date of a Change record when searching for the next available time (change.conflict.next_available.schedule_window).
- Define the number of suggestions to be calculated for the next available time field on a Change (change.conflict.next_available.choice_limit).
A new conflict type called Assigned to already scheduled is introduced to identify when the assignee of a change request is already assigned to another change request scheduled on the same date and time.

Change REST API suite

Empower your DevOps teams to easily integrate Change Management from their Continuation Integration or Continuous Delivery pipeline by using the REST API suite. This suite of APIs allows any of the supported change types to be created, updated, approved, and worked on from creation to closure. Use the REST API suite for the Change Management application to empower DevOps teams to integrate from their Continuation Integration or Continuous Delivery pipeline with Change Management.

The new com.snc.change_management.enforce_data_requirements property is introduced to provide additional controls to supplement existing UI policy and client scripts. This property is installed with Change Management - Core and is true by default for new customers and false for any upgrading customers.

Change approval policy

Generate and configure approvals in Change Management based on a new platform feature called Decision Tables. Change Approval Policies allow conditional approval policies to be configured using simple platform records and then generated as an integral part of change workflows. With Change Approval Policies you can apply varying levels of approval governance dynamically based on platform data, the introduction of additional approval users or groups, or automated approvals tied to users for Normal and Emergency change types.

Enhanced refresh impacted services

The Refresh Impacted Services UI action can populate the Impacted Services/CIs related list with any application service impacted by a configuration item listed in the Affected CIs related list. Previously, Refresh Impacted Services only worked against the Primary configuration item referenced on the form.

The new Impacted CIs/Services related list is generated from all CIs listed in affected CIs related list (change.refresh_impacted.include_affected_cis) property is introduced to use this capability. This property is enabled by default. For more information, see Change Management properties.

Quick start tests for Change Management

Validate the continued functionality of Change Management during application development and after upgrades. Copy and configure these automated tests to identify customizations needing review.

Standard Change catalog for support for workspaces

Added a Standard Change Catalog support for Workspace. When a standard change template is initiated from a workspace form view of another task type, for example, an Incident, Change Management redirects to a workspace form view of the standard change request.

Now Platform® branding

Updated the CAB workbench portal and Change Conflict Calender to align to the base system platform color palette.

Cloud Management

Simplify creation of service offering in Service Catalog using cloud-native templates: Taking a service-centric view, this feature allows the service designer to start with a catalog item and design the end user catalog experience. The service is driven by importing cloud-native templates or ServiceNow blueprints.
Enable use of technologies like Orchestration to drive day 1 and day 2 operations: Cloud services and operations continue to grow at breakneck speeds. This feature allows customers, partners, and field personnel to add new services and operations using Orchestration workflows. This is especially useful for creating new day 2 operations for various cloud resources.
Performance improvement for Cloud User Portal and Admin Portal: The Cloud Management platform includes both an Admin and a User Portal, each serving a different role. This release focuses on user interface performance improvements for both the Admin and the User portals. The performance-related changes are transparent to the user.

Communities

Community profile time zone: Set a preferred time zone when registering with the community or from the community profile.
Antivirus protection for community attachments: If antivirus protection is enabled, all attachments that are uploaded into or downloaded from the community are scanned for viruses.
Forum hierarchy: Create sub forums and map them to a parent forum. The forum hierarchy is displayed on the community pages.
Last updated time stamp: Displays when updates were last made to replies, comments, answers marked as correct, and which user made the updates.
Enhancements to the community TinyMCE editor: Change the font and add tables when creating community content.
Automatic addition of secondary content types: Adds the respective secondary content types automatically when configuring primary content types for a community forum.
Exclude self-award: Checks that a user is not awarded gamification points for content they authored.
Created date sort option: Sort by the date on which content was created from the community homepage or forum landing page.
Contributions on the community profile page: Displays a list of the number of user contributions to the community.
Additional notification preferences: Select My Blog marked as helpful, My comment marked as helpful, My Question upvoted, and My Answer marked as helpful as activity feed options or email notifications.
Full-sized images: Open an image from community content, such as a question, to view a full-sized image.
Quick start tests for Communities: Validate the continued functionality of Communities after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Configuration Compliance

Configuration Compliance assignment rules overview: Version 9.0: Define assignment rules to automate the assignment of configuration test results to their respective remediation teams. Assignment rules can also be reapplied to existing test results on-demand, or automatically on a scheduled basis. Reapplying ensures test results reflect the latest rule changes or ownership updates in the CMDB.
Note: For upgrade customers, the Assignment group and Assigned to fields must be added to the test results form manually.
Configuration Compliance test result groups and group rules overview: Version 9.0: Use Group Rules to automatically create Test Result Groups.These rules group non-passed test results in terms of how they’re going to be remediated and by whom. Group rules can also be reapplied to existing test results, ensuring test result groups reflect the latest test result and group rule changes.
Remediation owner added to roles: The sn_vulc.remediation_owner role compartmentalizes the view and update permissions of test results, test result groups, and related policies, authoritative sources, and other content for remediation teams. sn_vulc.remediation_owner is part of the itil role. Remediation owners can view and update only the test results and test results groups assigned to them or to one of their user groups.
Configuration Compliance has moved to the ServiceNow Store: Version 8.0: You no longer need to wait for the platform family release of Configuration Compliance to enjoy new features, updates, and fixes. The latest version of Configuration Compliance is published on the ServiceNow Store and available for download.
Multi-source support in Qualys: Version 8.0: If you have multiple deployments of the Qualys Cloud Platform application, you can add an integration for each deployment. Data sourced from each deployment is identified and available in a single instance of Configuration Compliance.

Configuration Management Database (CMDB)

Agent Workspace for CMDB

Access the following essential CIs and related details from Agent Workspace for CMDB:

Timeline view to access changes, change requests, and incidents for CIs
Health widget to view health scores for CIs
Relationships widget to view level 1 relationships (direct relationships) for CIs
All critical attributes related to CIs
Ability to create incidents and change request from the CI form view

CMDB Health

Use the system property glide.cmdb.health.src.cmdb_health_audit_only to configure CMDB Health to disregard data from other sources, such as cloud discovery.

CMDB roles

Control read access to the CMDB by using the cmdb_read role. The cmdb_read role is required for reading any CMDB table, and it is contained in existing roles such as admin and itil.

CMDB Search

Search the CMDB by using queries that are more complex than the basic global text search. Enter an almost free-style search text with configurable synonyms and stop words. CMDB Search then converts that text into a properly formulated query on CMDB CIs and relationships.

Quick start tests for Configuration Management Database (CMDB)

Validate that Configuration Management Database (CMDB) still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Contextual Search

Source selector: Specify a resource to search from the choice list next to the Related Search field.
Search on tab field: Configure the search so that it searches only when the agent enters text in the Short description field or in a search field and then removes the cursor from the field.
Disable actions: You can now disable search actions except the This helped action.
Attach note field: Specify a field where the attached knowledge article should be copied by selecting the Use custom field for attach note check box and putting the field name in Attach note field. Earlier, the attached knowledge article was copied to the field set in the glide.knowman.attach.fields property.

Contextual development environment

Extension points for UI macros and scripts: Create and embed custom code hooks, called extension points, into UI macros and scripts in scoped and global application base code. You can use extension points to designate where custom UI macros and scripts be called and then processed to extend the base Now Platform functionality.
Because you do not need to embed extension points directly into the core application code, you prevent application paths from breaking during upgrades.

Continual Improvement Management

Integration with ITOM and GRC applications

Link new and existing records from IT Operations Management (ITOM) and Governance, Risk, and Compliance (GRC) to Continual Improvement Management on the base system with one click.
ITOM Configuration Management Database (CMDB) application integration includes a related link to create an improvement initiative on the Remediate Duplicate Tasks form. CIM integration allows easy submittal of an improvement initiative to address issues around de-duplication of CMDB tasks.
GRC application integration includes a related link to create an improvement initiative on the Issues form. You can also create multiple improvement initiatives from a single audit control task and view the associated tasks in a related list.

Enhanced linking with implementing tasks outside of CIM

Link a single CIM task to multiple integrated application tasks (problem, incident, demand, for example), and link multiple CIM tasks to a single integrated application task for more flexible improvement initiatives.

Quick tests for Continual Improvement Management

Validate the continued functionality of Continual Improvement Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Credentials

Credential aliases for Discovery: Allows an administrator to use specific credentials on Discovery schedules. Credential aliases provide more control over which credentials a Discovery schedule is allowed to use and prevents the unnecessary exposure of credentials with elevated privileges.

Customer Service Management

Case action status: Identify cases that require attention and quickly prioritize workload using visual indicators in the Action Status column on the Case list.
Customer Service integration with Service Management: Provides an integration between Customer Service Management and the Incident, Problem, Change, and Request Management applications. Agents can create incident, problem, change, and request records from customer service cases.
Agent Workspace for Customer Service Management: Integrates the platform functionality specific to tier 1 customer service agents and puts these features into an easy-to-use interface. These features enable agents to be more efficient, such as a multi-tab interface for managing multiple cases and a heads-up contextual display that provides quick orientation to the task at hand.
Lookup and verify: Enables agents using Agent Workspace for Customer Service Management to quickly look up contacts or consumers using information such as the name, phone number, account, or record number, and verify that information on the interaction record.
Advanced Work Assignment for Customer Service Management: Automatically route and assign cases as work items in Agent Workspace to customer service agents based on availability, capacity, and skills. Define work item queues, routing conditions, and assignment criteria that AWA uses to distribute work items. From the agent inbox, agents can see pending assignments, set availability, and accept or reject work items.
Similar cases: Provides an easy way for an agent working on a case or a problem to find similar, already resolved records. The agent can link the current record to a similar record and also copy resolution notes to the current record.
Quick start tests for Customer Service Management: Validate the continued functionality of Customer Service Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Dashboards

Dashboard picker enhancements: Find dashboards more quickly. On each dashboard, the dashboard picker enables you to choose from the dashboards you have permission to view, with the most recently opened dashboards shown first. Previously, this list showed all dashboards by default. Click Load all dashboards to see a list of all dashboards available to you.
Quick start tests for Dashboards: Validate the continued visibility and sharing functionality of dashboards after any configuration change such as an upgrade. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

DevOps

Configurable pipeline modeling

Model pipeline stages in DevOps at the app level for easier management of your pipeline process and end-to-end visibility in DevOps. More than one app per pipeline is supported.

Planning, coding, and orchestration tool integrations

Connect to your existing DevOps toolchain to collect lifecycle events and data using tool integrations provided with the DevOps application. Planning tool integrations include Jira, and ServiceNow Agile Development 2.0. Coding tool integrations include GitHub, GitHub Enterprise, and Bitbucket. Orchestration tool integration includes Jenkins. JUnit-style test results from Jenkins are supported.

Change acceleration

Automatically create change requests for pipeline stages under change control. A DevOps Change workflow and DevOps Change Approval policy can be used to enable automatic DevOps change approvals. Change requests are automatically updated with implementation details from the orchestration task.

DevOps Insights dashboards

Use the DevOps Insights Starter and Standard dashboards to provide visibility into change results, pipeline value stream, and overall DevOps process. The Standard dashboard includes commits, in addition to development, deployments, change acceleration, and system health tabs. Drill into data collected over time and compare data sets to analyze operational and business insights.

App Pipeline UI view

Use the App Pipeline UI to show the pipeline status for each app in a central graphical view. You can view pipeline execution information, including stage progression, work items, associated commits, and links to change requests for approval and test results. The App Pipeline UI can also be accessed from within a DevOps change request.

Support for common Jenkins plugin features

Use scripted or declarative code in your Jenkins pipeline. Parallel and sub stages are supported. Configure multibranch change control in a DevOps app step to create change requests for multiple branches. CloudBees Jenkins Folders plugin is also supported for discovering and getting notifications from Jenkins jobs in folders.

User-created integrations support for planning, coding, and orchestration tools

Create subflows in Flow Designer to integrate planning, coding, and orchestration tools not included in the integrations provided with the DevOps application. Incoming webhook notifications processing is supported. Import integration capability is not supported.

Version 1.9: Connect and discover integration capabilities are also supported.

The DevOps API can also be used for user-created planning, coding, and orchestration tool integrations.

Quick start tests for DevOps

Version 1.10: After upgrades and deployments of new applications or integrations, run quick start tests to verify that DevOps still works. If you customized DevOps, copy the quick start tests and configure them for your customizations.

Discovery

Discovery performance metrics

Use metrics collected by the Discovery performance framework to monitor the processing times of probes, patterns, and sensors for specific discoveries. View performance data aggregated over time that shows probe execution by build, status, or target IP address. Use the roll-up data by build to compare performance between versions after an upgrade.

File-based discovery

Improves visibility into your installed software via file signature-based discovery. This is a limited access feature for the Madrid release that enables you to scan a file system and identify file fingerprints on UNIX and Windows servers from a list of established signatures. Use the comprehensive software normalization library from ServiceNow to match the results to installed software. This feature integrates with the ServiceNow® Software Asset Management Professional application to help you manage your software licenses.

File-based discovery is built with the same high-quality engineering as the rest of the Now Platform® and is optimized for performance. The product team will use the limited access time frame to get participant validation of the core feature set.

If you are interested in participating in this limited availability program, email discoverypm@servicenow.onmicrosoft.com.

PowerShell remoting

Use PowerShell remoting to communicate directly with Windows servers using the WinRM protocol. The PowerShell process establishes a secure PSSession (PowerShell Remoting session) that stays open until the MID Server finishes querying a Windows server. New MID Server configuration parameters manage SSL certificates and port assignments for using PowerShell over HTTPS.

Document Viewer

Enable Document Viewer: Enable Document Viewer on a specific table by adding the use_document_viewer attribute.
View attachments with Document Viewer: Use Document Viewer to view documents directly within the Now Platform® rather than having to download them to your own file system.

Edge Encryption

Authenticate an Edge Encryption proxy server: Specify that a proxy is a trusted source so that Edge Encryption can process the requests that come from that proxy.

Event Management

Alert intelligence: Alert Intelligence is implemented in the multi-tab interface of Agent Workspace. You can manage alerts in Workspace in the Event Management implementation of Agent Workspace.
View alert group reasoning: As alerts are added to a group, a message is added to the Work notes field of the alert to indicate the reason for aggregating that alert into the group. When an alert is added to or removed from the group, that information is shown in the Work notes of the selected alert.
Monitor event processing metrics: Extract statistics from your instance to ensure that performance is not affected and extract metrics related to event processes to monitor event processing status.
Configure event collection from an Icinga2 connector: Configure the Icinga 2 (Icinga) connector instance to receive events while monitoring your network resources.
Alert similarity: Find alerts that are similar to the alert that you are currently investigating. Save time in resolving the current alert by seeing how the similar alerts were resolved. In this way, like alerts are resolved in the same way and there is a reduction in the mean time to resolve alerts. Alert similarity applies natural language processing (NLP) based on Now Platform® machine learning (ML) as implemented in Agent Intelligence.
Quick start tests for Event Management: Validate the continued functionality of Event Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Field Service Management

Field Service Mobile: Manage your field service tasks anywhere using the Field Service mobile application. With this application, you stay connected at all times, can access information in real time, and complete your tasks quickly. You can even access task information and complete tasks in locations where your mobile device is not connected to the Internet.

Quick start tests for Field Service Management: Validate that Field Service Management still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Adding knowledge to work order and work order task forms: Add additional information to complete tasks.

Financial Management

Prescriptive cost models

Use the prescribed preconfigured Level 2 Costing – Business Services and Level 3 Costing – Business Capabilities cost models along with their default metrics to weight the allocation of various business costs.

ITFM prescribed weighted metrics

Choose from a library of ITFM-prescribed metrics that support weighted rollup. This library of metrics sources data directly from other applications within the Now Platform®.

ITFM prescribed scripted metric to allocate to business capabilities

Track the relationship between business applications and business capabilities in Application Portfolio Management (APM) for purposes of cost allocation. APM integrates with ITFM using a scripted metric logic, so that you can allocate cost between applications and business capabilities at whatever levels the applications are related to the business capabilities.

ITFM prescriptive dashboards

View all your expenses on a consolidated and easy-to-read dashboard based on a specific cost model that you select. There are a number of preconfigured dashboard layouts to choose from. In dashboards, you can drill down to get details of spending for each segment in the hierarchy. The following dashboards are available in Madrid:

Total weight support in allocation metrics

Use the total weight metric to allocate cost based on total consumption capacity. The weighted metric allocates cost based on the total number of available units of consumption instead of allocating cost based on the sum of all values that were actually consumed in the weight table. The Enforce total weight option helps when the total allocation is greater than the sum of the consumed values.

Financial Charging guided setup

Follow the Financial Charging guided setup steps to set up the reporting aspect of Financial Management. Understand the tasks and configure statement items, statement item drilldowns, and showback statement definitions to generate a showback statement of the cost items. Show back the IT costs associated with each department to the head of the business unit, providing visibility on the reasons behind the cost.

Quick start tests for Financial Management

Validate the continued functionality of Financial Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Flow Designer

Call a Workflow flow logic: Reuse existing business logic by running a published and active workflow from a flow. Flow designers can use flow data as workflow inputs such as specifying the current record.
Core attachment actions: Use core actions to copy, delete, look up, and move attachments in the Attachments [sys_attachments] table.
Do the following in parallel flow logic: Branch a flow into blocks of actions and subflows that run in parallel.
Do the following until flow logic: Apply one or more actions repeatedly until an end condition is met. Flow designers can use flow data to specify the end conditions.
End flow logic: Stop running a flow from within a conditional flow logic block, such as an If, Else If, or Else flow logic block. Use this flow logic to stop flow execution when certain conditions are met.
GlideFlow API: Perform client-side interactions with actions, flows, and subflows. Flow designers must enable a flow, subflow, and action to be called from the client.
Make a decision flow logic: Use decision table branching logic in situations where multiple conditional paths are required, as an alternative to nested If, Else If, or Else flow logic. For example, inputs such as location, age, crash history, car make, car model, and car year will determine a level of insurance coverage. This logic can save time and present a more readable format than nested if conditions or switch case statements.
Run As advanced option: Choose whether the flow runs as System User or the user who initiates the session. Use the user who initiates the session option when the update should come from the user who triggered the flow. For example, comments to incident records that should come from the current user, or approval emails that should originate from the approver. Settings on a flow do not apply to child subflows. Flows created before the upgrade default to run as the System user, which means that the flows bypass normal access controls. New record-based flows default to run as the user who triggers the flow.
FlowAPI: Execute actions, flows, or subflows in server-side scripts using either blocking or non-blocking methods. Non-blocking methods enable the client to execute other code in the script without waiting for the flow to complete.
Wait for a duration flow logic: Pause a flow for a specified time period. Flow designers must specify the duration and schedule for the wait period.

Governance, Risk, and Compliance

The following accelerators are downloaded from the ServiceNow Store and activated in the core GRC applications (Policy and Compliance Management, Risk Management, and Audit Management:

GRC: NIST CSF Use Case Accelerator: The NIST CSF Use Case Accelerator gives customers an operational head-start when adopting the NIST CSF. When the accelerator is downloaded and activated in the GRC applications, pre-configured policies, scopes (profiles, profile type recommendations), indicators, risks, and other GRC elements appear.
GRC: NIST RMF Use Case Accelerator: The NIST RMF Use Case Accelerator gives customers an operational head-start when adopting the NIST RMF. When the accelerator is downloaded and activated in the GRC applications, pre-configured policies, scopes (profile, profile type recommendations), indicators, risks and other GRC elements appear.

Guided Tour Designer

Single callout placement: The four directional callouts used to associate a tour step to a page element have been replaced by a single multidirectional callout. This multidirectional callout enables you to flexibly position your callouts so they point to an element from any direction.

HR Service Delivery

Case and Knowledge Management

Standardize the documentation, interaction, and fulfillment of employee inquiries and requests, improving HR efficiency and services over time.

Preview a knowledge article with knowledge blocks: Preview published knowledge articles with knowledge blocks by user and date. You can see how the article appears or hides block content based on the user criteria and date.
Automated Test Framework for HR: Validate the continued functionality of HR Service Delivery after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Note: When running, demo data is required.

Employee Service Center

Provide a single, unified portal for employees to get all the information, services, and help that they need.

Note: Employee Service Center is also available as a standalone application.

Employee to-dos page: The to-dos page is where employees can view and complete all their to-dos on a single page in the Employee Service Center. You can configure the to-dos page by applying filters to show a user's approvals, content tasks, HR acceptances, HR tasks, and more.
Employees requests page: The requests page is where employees can view all their requests on a single page in the Employee Service Center. You can configure the requests page by applying filters to show a user's service catalog requests, IT incidents, HR cases, and more.
Employee knowledge page: The knowledge page is where employees can browse knowledge articles and find answers to their questions in the Employee Service Center. You can associate one or more knowledge bases with the Employee Service Center.
Employee catalog page: The catalog page is where employees can request catalog items such as services and product offerings in the Employee Service Center. You can associate one or more service catalogs with the Employee Service Center.
Employee live chat: Employees can chat directly and in real-time with support agents in the Employee Service Center. When an employee initiates a chat, a pre-chat window appears and the employee selects a category that routes them to the appropriate chat queue. You can control what categories appear by configuring the pre-chat categories.
Link the HR ticket page with the Employee Service Center: If you are using Employee Service Center as part of HR Service Delivery, use the Portal Configuration module to link the HR ticket page with the Employee Service Center portal.
HR ticket page: If you are using Employee Service Center with HR Service Delivery, the HR ticket page is where users can view the details of an HR case. Different users have different views of the HR ticket page, and you can configure the HR ticket page header for individual HR services.
Employee Forums: Employee Forums help your employees connect, engage, and collaborate with other employees. Forums can be used to share business information, promote employee engagement, encourage ideas and feedback, and give your employees a voice.
Add or modify task (to-do) content: You can assign tasks to your employees as part of a campaign and, if needed, trigger additional content once a task is completed. To-dos can also be sent via email or posted to the Employee Service Center.
Manage content for a campaign: Campaign bundles and content can be edited after being published. Content can be removed or changed for employees that have not yet viewed it.
Content Automation (campaigns) analytics: Use Content Automation Analytics to view event-based reports measuring employee engagement with your Employee Service Center and campaign content engagement.

Enterprise Onboarding and Transitions

Automate onboarding and other employee lifecycle events that span multiple departments, improving employee satisfaction and efficiency across HR and other departments.

Monitor the status of a lifecycle event case: Use activity set execution contexts to monitor the status of lifecycle event cases. You can report on the activity set contexts table along with the HR case table.
Show activity sets timeline to the subject person on the HR ticket page: If you are using Employee Service Center with Enterprise Onboarding and Transitions, you can show the activity sets timeline on the HR ticket page to the subject (subject person) of the lifecycle event case.
Wait for generated tasks to complete before closing the activity set: For lifecycle event activities that generate new tasks, you can wait for the generated task to complete before the activity closes.

Employee Document Management

Provide electronic storage and filing of employee documents. Security policies determine who can view and access employee documents. Retention policies determine how long employee documents should be retained and reduces compliance risks.

Create or modify an employee document: Employee Document Audit Trail provides insight into all actions for an employee document from creation, updates, and to the time it was purged.
Employee document management bulk imports: You can upload multiple employee documents from an external cloud storage or a local network directory to Employee Document Management.

ITSM Agent Workspace

ITSM Agent Workspace for Problem Management

All fields that are available on the ITSM problem form are available on the Agent Workspace problem form.
State transitions are not available on the Agent Workspace for Problem and Problem task records.

ITSM Virtual Agent

Additional ITSM Virtual Agent conversations

Benefit from the following additional pre-built ITSM Virtual Agent topic conversation flows:

Escalate IT Ticket
Update Change Request
Identify Scheduled Changes
Create Problem
Identify Available Change Windows
Resolve Incident

Out-of-the-box Virtual Agent Performance Analytics Solution

Preconfigured Performance Analytics indicators and breakdowns for the Virtual Agent along with visualizations presented on the Virtual Agent Overview Dashboard.

Import and export

Concurrent imports: Split incoming data into multiple import sets and transform the import sets concurrently to reduce processing time.; You can partition import sets to maintain the processing order within each partition.
WebSockets: WebSockets are turned on by default. WebSockets connections may be limited by your network configuration. You can check your browser's compatibility by entering the following URL (you do not have to be logged on to an instance): https://yourinstance.service-now.com/$websocket_test.do.

Incident Management

Major incident workbench features

Access on-call escalation details: Access on-call roster and escalation details from the major incident workbench to reach out to a support group.
Make outbound calls from the browser : Make an outbound call from the Workbench UI to the device of the user by populating the sn_major_inc_mgmt.notify_webrtc_number property with a valid notify number that has voice capability.

Associate similar incidents

Associate the current incident to a similar incident or copy resolution notes to the current incident.

Add similar incidents: Find similar incidents to a current major incident so that the support teams can work on the parent record for a coordinated response process.
Similar incidents in contextual search : Use the Similar Incidents additional resource on the Incident form to search for and link similar incidents.

Advanced Work Assignment for Incident plugin

Activate the Advanced Work Assignment for Incidents (com.snc.incident.awa) plugin to automatically assign work items to agents based on their availability, capacity, and skills. Define work item queues, routing conditions, and assignment criteria that Advanced Work Assignment (AWA) uses to distribute work items. From the agent inbox, agents can see assignments, set availability, and accept or reject work items.

Contextual search

Use contextual search to view Knowledge articles relevant to the incident. On the Incident form, a choice list next to the Related Search field enables you to select a category such as Knowledge (All), Pinned Articles, Open Incidents, Resolved Incidents, and Open Major Incidents to indicate where you want to search for the entered text.

Quick start tests for Incident Management

Validate the continued functionality of Incident Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

New mobile app for Incident Management

Access work assigned to you or your group.
Add comments or work notes or reassign incidents.
Receive push notifications for incidents assigned or commented.
Review group workload for incidents by priority and state.
Approve or reject change requests, requests, and requested items.

ServiceNow add-in for Microsoft Outlook

Create an incident or VTB task in your ServiceNow instance from within Microsoft Outlook using the ServiceNow Add-in for Microsoft Outlook feature. This add-in lets you engage with IT directly from an email or, for IT users, quickly create an incident from an email and immediately assign it to the correct team. It also lets you create a VTB task.

IntegrationHub

Payload Builder step: Enable action designers to easily create name-value pairs in JSON and XML payloads using dynamic data.
SOAP step: Enable action designers to send outbound SOAP web service requests to external systems.
Slack spoke: Use Slack APIs to post messages and manage access to channels. Authorize spoke actions with OAuth tokens. The webhook-based spoke from the previous release has been renamed to the Slack webhooks spoke. Only the new spoke supports Slack APIs and OAuth.
Microsoft SCCM spoke: Automate management of user collections, device collections, and application deployments on a Microsoft System Center Configuration Management (SCCM) server.

Knowledge Management

Guided setup: Follow step-by-step instructions to configure Knowledge Management on your instance. Perform structured configuration activities and monitor your progress.
Ownership groups: Create ownership groups to own knowledge articles and maintain article quality, manage approvals, and ensure the timely resolution of feedback.
Full-sized images: Open an image from a knowledge article on the Knowledge Management Service Portal article view page to view a full-sized image.
Domain enhancement to user criteria diagnostics: Displays whether a user has access to a knowledge article or knowledge base based on their domain.
Facets for glide list field types: Configure facets for glide list field types on the Knowledge Service Portal search results page.
Import a Word document using the platform UI: Create a knowledge article by importing a Word document directly using the platform UI.
Multi-language search facet: Select which languages to display your search results using the language facet in the Knowledge Management Service Portal.
Performance improvements to scripted user criteria: Evaluates user access to knowledge bases once per session if scripted user criteria is defined for a knowledge base. If the script results in changes after a session cache is built, the result takes effect in the next session. Changes to a user's role, groups, company, location, or department take immediate effect.
Extension points for Knowledge Management plugins: Use UI extension points to customize knowledge article headers and footers and article feedback notification emails. Use scripted extension points to customize the article subscription email template.
Quick start tests for Knowledge Management: Validate the continued functionality of Knowledge Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Preview a knowledge article with knowledge blocks: Preview a knowledge article with knowledge blocks by user or, if published, date. For an unpublished article, you can preview the article by user by impersonating different users to see how the article displays or hides block content based on the user criteria set at the knowledge base and knowledge block level. For published articles, you can preview the article by both user and date to see how the article appears in past versions for different users.

MID Server

TrustStore configuration parameters

Sets the path to the trustStore for the MID Server to use and defines the trustStore password for HTTPS connections with the Asynchronous Message Bus (AMB) Client.

mid.https.truststore.path
mid.https.truststore.password

Notifications

Email client configurations

Control how your email client works:

Use email client configurations to manage the behavior of your email client. Each configuration consists of different email controls for setting the allowable email recipients and email addresses and for defining the allowable sender (From) email addresses.
Use the Email Client Template (enhanced for this release) to define the default content for an email client message. The template provides a Sender Configuration tab for specifying how the sender email address (From field) is generated. You can choose from four different configuration methods: SMTP, Select from List, Script, or Text.

Multiple email readers

Organize your email accounts into email account groups (subsets of email accounts) for processing by multiple email reader jobs. Activate this feature with the glide.email.inbound.account_group_processing property and assign your email accounts to email account groups.

Notify

Notify-Twilio Direct driver: A new Migrate Now button for one-click migration from the legacy driver to the new Notify-Twilio Direct driver is provided.
Notify Properties module: Updated Notify properties have been added such as phone numbers to send SMS messages or to allow on-call users to directly call people on the rosters from a browser.
Advanced SMS features: Configure bulk SMS messages to reach multiple lists of users with only one API request through the Twilio Notify integration and intelligent SMS handling to send SMS messages using alphanumeric IDs.
Advanced Voice features: Answering Machine Detection (AMD) enables you to determine whether a human or a machine has picked up an outbound voice API call so you can tailor your call flow accordingly.
WebRTC Calls: Make outbound calls from the browser On-Call and MIM Workbench interface.

On-Call Scheduling

User interface for on-call schedules

Review, manage, and correct gaps or conflicts in your on-call schedule from a single view. On-call managers and members can use this interface to view and maintain on-call schedules.

Coverage gaps and conflicts for a shift

Review gaps and conflicts in a shift to ensure proper support coverage. Possible reasons for gaps are:

Time-off without coverage
User has been moved out of the group
User is marked as inactive

A conflict is possible if the same user is assigned as the primary and secondary point of contact for a shift.

Group managers and delegated shift managers can view these gaps and conflicts using any of the following options:

Info icon for a shift in the calendar view of the on-call calendar
Info icon for a shift in the timeline view of the on-call calendar
Info icon for a shift on the On-Call Schedules landing page
Pending Actions section of the On-Call Schedules user interface

Scheduled job for weekly gaps and conflicts report

Send a weekly report of gaps and conflicts in on-call schedules to the respective admin, shift managers, and group managers using the On-Call Gaps Conflicts Report.

Group Preferences module

Use this module to set the following group preferences for your group's on-call shift:

Shift overlap and escalation rule for overlaps
Time-off request approval
Shift managers

Overlapping shifts

Create overlapping shifts to have a hand-off period between shifts. With this capability, multiple shifts can be on-call during the same time and on-call members from multiple shifts can be contacted. Overlapping shifts for a group are displayed as different shift cards on the On-Call Schedules landing page.

Custom escalation policy type and escalation designer

Use the custom escalation type for a shift to customize the escalation process. After setting the custom escalation type, use the escalation designer to customize the escalation details for each step of the process. These customizations are also reflected in the escalation path of a roster.

Roster and escalation details

View the roster and escalation details of a group using any of the following options:

Shift cards on the On-Call Schedules landing page.
On-Call section in the Overview tab of the On-Call Schedules user interface.
Summary tab on the Major Incident Management workbench.
UI action on the Incident form.

Deletion or replacement of coverage on the calendar

Use the Delete coverage or Replace coverage UI actions to delete or replace a coverage from the on-call calendar.

Weekday for starting the roster rotation

Use the Day of week for rotation field on the Roster form to specify the weekday on which the roster rotation should start. When this field is specified, the roster rotation is set based on the specified frequency, start date, and weekday.

Escalation in conference calls

Set the com.snc.iam.conference_call_follow_on_call_escalation property to true to set an automatic escalation hierarchy in conference calls initiated from an Incident Communication Task. When you add a user group to the call, the group itself is added to the call, and the escalation hierarchy is followed once you start the call. This feature is applicable only when the Incident Communications Management (com.snc.iam) plugin is active.

On-Call Scheduling properties

Use the On-Call Scheduling > Administration > On-Call Properties module to access commonly used On-Call Scheduling properties that are organized into logical groups.

OnCallRotation

Use the following methods of the OnCallRotation () global API to manage overlapping shifts and custom escalation in on-call schedules:

getPrimaryUsers()
getPrimaryUserByRota()
getPrimaryUserNameByRota()
getEscalateesAt()

Operational Intelligence

Self-health monitoring: Monitor essential Operational Intelligence components and processes, and generate alerts about potential issues. Operational Intelligence uses pre-configured self-health monitors for Event Management which enables you to proactively remediate issues and minimize data loss.
Quick start tests for Operational Intelligence: Validate that Operational Intelligence still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Performance Analytics

Analytics Hub: The Analytics Hub is the central interface where you assess, compare, and predict the performance of an indicator over time. Set on the indicator record whether that indicator is to be included in the Analytics Hub.
The Analytics Hub replaces the Detailed Scorecard.
New API for dynamic retrieval of analytics in formula indicators: The new methods retrieve calculated values from the Analytics Hub for use inside a formula indicator. The values are retrieved dynamically, as you change your selections in the Analytics Hub. This API simplifies scripting formulas, especially for indexing multiple indicators, getting changes in scores, or filtering particular breakdown and element combinations.
KPI Composer application on ServiceNow Store: KPI Composer ensures that your performance management strategy aligns with business goals and has support from executive sponsors. Use KPI Composer to bridge the gap between defining your performance measurement strategy and the realization of that strategy from within Performance Analytics. Start with your business goals and plan all your components through indicators up to the final dashboards.

Platform security

Instance security center: Monitor the compliance level of instance security controls, view security event monitoring metrics, and configure and maintain instance security settings all from within the Instance Security Center. The Instance Security Center consolidates several key security components into a single control console that helps you detect, protect, and respond to instance-based security events.

Policy and Compliance Management

Quick start tests for GRC: Policy and Compliance Management: Validate the continued functionality of GRC: Policy and Compliance Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Attestation question bank: Compliance managers can add questions or categories from a control attestation to a question bank. Conversely, they can build a control attestation by adding questions and categories from the question bank.

Problem Management

Problem Management Best Practice — Madrid plugin

Use the Problem Management Best Practice — Madrid plugin to identify the cause of a service interruption reported by significant or recurring incidents. The plugin provides roles for problem management, including a problem coordinator, problem manager, and problem administrator. It also provides fields to record the category, identify where the issue was first reported, the workaround, the cause notes, and the fix notes. The plugin also searches for and attaches knowledge articles.

Problem Management Best Practice — Madrid — State Model plugin

Use the Problem Management Best Practice — Madrid — State Model plugin to support state management. State management controls how a problem or problem task moves through a predefined list of states.

Problem Management Best Practice — Madrid — Knowledge Integration plugin

Use the Problem Management Best Practice — Madrid — Knowledge Integration plugin to identify the cause of a service interruption reported by significant or recurring incidents. The plugin provides the ability to create Known Error articles for incident deflection (requires activation of the Knowledge Management Advanced plugin).

State management

Manage a problem throughout its life cycle using these states: New, Assess, Root Cause Analysis, Fix in Progress, Resolved, and Closed.

Roles

Work on a problem and manage it through its life cycle with the Problem Co-ordinator [problem_coordinator], Problem Manager [problem_manager], and Problem Admin [problem_admin] roles.
Configure problem management settings and act as a problem coordinator with the Problem Manager [problem_ manager] and Problem Admin [problem_admin] roles.
Manage and delete problems and problem tasks with the Problem Admin [problem_admin] role.

Properties

Use properties to control features such as creating a problem task on a closed problem or re-analyzing a closed or canceled problem.

Business rules

The following business rules have been added for Problem:

Set State variables on Scratchpad
Update fields when Problem is Confirmed
Copy related records to original Problem
Update fields on Problem Closure
Update fields when Problem is Resolved
Raise an event when State changes
Cascade closure of Problem Tasks
Update fields on Re-analyzing a Problem
Sync Workaround fields

The following business rules have been added for Problem Task:

Set state in scratchpad for Problem Task
Check if problem task can be created
Check related Problem Task closure
Update re-assess (reopen) fields
Update Closed fields
Update Started fields
problem_task events

UI policies

The following UI policies have been added for Problem:

Show 'Workaround' when 'Workaround applied' is checked - Modal View
Make Problem State read only
Hide Resolution Code when state is not resolved or closed
Hide Duplicate of when Resolution code is not Duplicate
Hide 'Workaround communicated' and 'Workaround communicated by' fields when they are empty
Hide 'Fix communicated by', 'Fix communicated by' fields when they are empty
Show 'Workaround applied' only when 'Resolution code' is 'Risk Accepted'
Hide Closed By, Closed, and Close notes when Resolution Code is None
Hide 'Last reopened by', 'Last reopened at' fields when they are empty
Make 'Workaround' mandatory when 'Workaround applied' is checked
Hide Subcategory when Category is none
Priority is managed by Data Lookup - set as read-only

The following UI policies have been added for Problem Task:

Hide Other Reason when Cause code is not other
Hide Vendor when Cause code is not Vendor Issue
Hide Close code when State is not Closed

Data policies

The following data policies have been added for Problem:

Make 'Duplicate of' mandatory when 'Resolution code' is 'Duplicate'
Make 'Cause notes' mandatory when State is 'Fix in Progress'
Make 'Fix notes' mandatory when State is 'Fix in Progress'
Make 'Canceled reason' mandatory when Resolution code is 'Canceled'
Make 'Assigned to' mandatory when State is one of 'Assess', 'Root Cause Analysis', 'Fix in Progress', 'Resolved' or 'Closed'
Make 'Risk accepted reason' mandatory when Resolution code is 'Risk Accepted'
Make 'Resolution code' mandatory when State is 'Resolved'
Make 'Resolution code' mandatory when State is 'Closed'

The following data policies have been added for Problem Task:

Assigned to is required when state is one of 'Assess, Work in Progress or Closed' and Close code is not 'Canceled'
Fix notes is required when state is Closed Completed for RCA task
Cause code is required when state is Closed
Close notes is required when state is Closed for General task
Close notes is required when state is closed canceled for rca task
Vendor is required if Cause code is Vendor Issue
Other reason is required when Cause code is Other

Notifications

The following notifications have been added for Problem:

Problem Fixes Closed
Problem Tasks closed

Script includes

The following script includes have been added:

ProblemState
ProblemStateSNC
ProblemStateUtils
ProblemStateUtilsSNC
ProblemTaskState
ProblemTaskStateSNC
ProblemTaskStateUtils
ProblemTaskStateUtilsSNC
ProblemUtilsClientsSNC
ProblemV2Util
ProblemV2UtilSNC

Known Error articles

Use Known Error articles as reference material. The Known Error articles document the root cause and the workaround of the Problem to help with deflecting Incidents.

Contextual search

Use contextual search to view Knowledge articles. On the Problem form, a choice list next to the Related Search field helps you select a category, such as Knowledge (All), Pinned Articles, Incidents, Open Problems, and Resolved Problems in which you want to search for the entered text.

Communicate outcome

Communicate workarounds and fixes using related links, which notify related incidents that a workaround or fix is available.

Quick start tests for Problem Management

Validate the continued functionality of Problem Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Project Portfolio Management

Rate Model

Use the Rate Model feature to derive date-effective, criteria-driven hourly rates for calculating planned and actual costs for a project or demand. The labor rate cards are based on the user attribute only, but the rate model provides options to define rates based on resource, group, user, and other attributes from various entities. It helps to determine resource costs (requested, confirmed, and allocated) associated with a project or demand. When a resource working on the project submits a time sheet, the rates are picked from the associated rate model.

Resource Management

Derive hourly rates from the rate model during resource plan Request, Confirm, or Allocation stages.
Derive hourly rates for an operational resource plan using the Rate Model field on the operational resource plan form.
Use the com.snc.resource_management.plan.auto_async_threshold resource property to set the maximum number of daily resource allocation records that should be considered in synchronous mode during confirmation and allocation. The property improves the system performance when the number of allocation daily records is more than the value set in the property.
Use the com.snc.resource_management.plan.max_duration resource property to restrict the maximum number of days for which a resource plan can be created.

PMO Dashboard

Use the PMO dashboard to view trends of historical data as well as regular reports for your portfolios, programs, and projects. The dashboard is not available in Teamspaces.

Investment Portal

View the details of a demand from the demands list in the Timeline tab.
Open a project in the Planning tab in the Project Workspace from the projects list in the Timeline tab.
View the details of a cost plan from the cost plans list in the Financials tab.
Configure the default list of active investment widgets included on the new boards and on the existing boards that do not have widget selection configured.

Project Management

Associate a rate model with a project to derive hourly rates for the resource plans and time cards associated with the project.
Compare financial baselines to see the differences in the financials of a project between the two baselines.
Change the planned start date of a project using the Move project feature from the Planning Console or Project form.
When importing a Microsoft Project file into a project with subprojects on the ServiceNow instance:
- The WBS order of imported tasks is regenerated after import.
- The Planned Start Date and Planned End Date of the parent project are rolled up.
- The State of the parent project and tasks are rolled up.
- The % Complete on the top task is rolled up.
To view the project name of an external dependency, point to the link icon () in the Planning Console.

Demand Management

Associate a rate model with a demand to derive hourly rates for the resource plans associated with the demand.
Compare financial baselines to see the differences in the financials of a demand between the two baselines.
Define the business investment for a demand using the Investment Class and Investment Type fields in the Demand form.
Trigger a notification email to the portfolio stakeholders when an assessment is sent to them by moving a demand to Screening.

Quick start tests for Project Portfolio Management

Validate the continued functionality of Project Portfolio Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Reporting

Quick start tests for Reporting: Validate the continued functionality of Reporting after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Risk Management

Quick start tests for GRC: Risk Management: Validate the continued functionality of GRC: Risk Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Risk assessment question bank: Risk Managers can add questions or categories from a risk assessment to a question bank. Conversely, they can build a risk assessment by adding questions and categories from the question bank. Risk managers can copy the whole risk assessment.
Continuous monitoring for vulnerabilities with public exploits affecting critical business services: Through integration with Vulnerability Response, risk administrators, managers, or users can monitor critical vulnerabilities through indicators, which enables them to observe the effect on risk posture.

Scaled Agile Framework (SAFe)

Portfolio SAFe

Use Portfolio SAFe to align your organizational goals and strategies with your portfolios, and apply lean and agile principles to manage and deliver the portfolio work.

Portfolio SAFe works at three levels for portfolio managers, product managers, and team members.

At the Portfolio level, portfolio managers can capture and prioritize epics in a centralized backlog, and monitor the progress of epics in a visual task board.

At the Agile Release Train (ART) level, product managers can capture, prioritize, and monitor features that are broken out from epics.

At the Team level, team members can implement stories that are broken out from features.

Bulk actions

Perform any action on a set of features in the ART backlog, and on a set of stories in the Team backlog. Bulk actions save you time and effort since you are not required to edit each record (feature or story) separately.

For more information on performing bulk actions:

On the ART backlog, see Manage your ART backlog.
On the Team backlog, see Manage your team backlog.

Quick start tests for Essential SAFe

Validate the continued functionality of Essential SAFe after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Performance Analytics Content Pack for Essential SAFe

Install the Performance Analytics Content Pack for Essential SAFe application from the ServiceNow Store. Performance Analytics Content Pack for Essential SAFe contains preconfigured dashboards with data visualizations that help you improve your SAFe processes and practices.

Security Incident Response

Features available from the ServiceNow Store:

Enhancements to User Reported Phishing

This release includes significant enhancements to the existing User Reported Phishing functionality. You can:

Aggregate duplicate or similar user reported phishing submissions to a single incident and consolidate incident response actions.
Extract email headers from .eml attachments or the body of the email.
Display email headers in a Related List in the security incident record.
Report phishing emails through the service catalog.
Configure how the email header information is extracted from the email body. You can choose to:
- Extract all email headers or select some of them.
- Aggregate similar email submissions as child security incidents to an existing parent security incident.
- Specify the order in which the email ingestion rules are applied.

Note: This enhancement is implemented through a new design that replaces the existing design. For installation instructions, see the Required Component and Plugins section in Enhancements to User Reported Phishing.

Splunk Enterprise Security Event Ingestion for Security Operations

Splunk Enterprise Security Event Ingestion for Security Operations provides an ability to ingest Splunk notable events to create security incidents. This integration enables both automated ingestion and manual forwarding or notable events to ServiceNow, Inc.for event field mapping, filtering, and aggregation capabilities. It also provides capabilities to update the notable events based on the security incident status changes, including automated close-out of notable events.

Security Incident Response

You no longer need to wait for the platform family release of Security Incident Response to enjoy new features, updates, and fixes. The latest version of Security Incident Response is published in the ServiceNow Store and available for download.

Setup Assistant is part of the Security Incident Response plugin available in the ServiceNow Store

Download Setup Assistant from the ServiceNow Store for a simple, step-by-step approach to setting up Security Incident Response. Setup Assistant helps you discover which capabilities of Security Incident Response require configuration, identify what permissions are required to configure these capabilities, and learn what settings are recommended for your environment. Setup Assistant helps you deploy Security Incident Response and associated integrations quickly and efficiently.

Sighting Search for Phishing and Malware Response

Perform sighting searches on emails or observables to determine how often certain types of attacks, such as user-reported phishing attacks or communications with a malicious IP address or URL, occur in your network. As you start analyzing a phishing incident, you can use this feature to identify other users in your organization who are impacted by the same phishing attack by clicking the phishing link.

Flow Designer and Actions for Incident Response playbooks

Using the Flow Designer, security administrators and flow design authors can more easily transition from manual or undocumented playbooks to automated and repeatable playbooks using an intuitive and flexible drag-and-drop experience, as well as condition checks, parallel branching, decision tables, and more.

Performance Analytics SOC Efficiency dashboard

If you have the sn_si.analyst or sn_si.manager roles, you can use this dashboard to improve analyst efficiency and get a picture of how the security operations center (SOC) is performing in general and specific areas over time. You can use the dashboard to:

View metrics that help measure the individual performance of the security analysts.
Measure the overall response time of the SOC in addressing valid security incidents.
View risk scores to assess the amount of risk reduced through incident response actions.
Get better insight into the incident analysis stage to analyze bottlenecks in the incident response procedures.

Malware playbook flow template

If you have the sn_si.admin, flow_designer, and action_designer roles, you can use the malware playbook flow template to accelerate the design of this playbook. Automate the steps for handling malware alerts from the endpoint or the network.

The flow template includes trigger conditions and a sequence of actions and subflows that are annotated for readability. You can drag objects, include condition checks, parallel branching, decision tables, and more within your template and resolve malware attacks quickly and efficiently.

Service Catalog

Multiple catalog support in Service Portal

Enable requesters to browse and search for items across multiple catalogs by adding these catalogs to the Catalogs related list when configuring a portal.

Portal settings

Define the catalog item behavior in Service Portal using portal settings. You can configure the following settings for a requester:

Request method.
Display of the quantity and delivery time of the item.
Options to add an attachment to the item, or make the attachment mandatory.
Options to add the item to the wish list or cart.

When you upgrade to Madrid, if the No cart or No quantity fields are already selected in the Now Platform®, a migration script propagates these settings to the portal settings.

My Requests menu in Service Portal

Enable requesters to view open or closed requests, incidents, and tasks in Service Portal using the My Requests menu. This menu uses the My Requests (my-requests-v2) widget that is based on the filter conditions and display settings defined in the My Request Filter module.

Service Catalog enhancements for Automated Test Framework

Write automated end-to-end tests for requester flows to validate the following for Service Catalog:
- Order guide in Service Portal.
- Multi-row variable sets of a catalog item in Service Portal.
- Variable editor in the Now Platform®.
Note: When you upgrade or modify an instance, run these tests to confirm that the instance still works as designed.
All Service Catalog step configurations support parametrized tests.

Mobile experience for a fulfiller

Approve catalog requests, requested items, or change requests using the ServiceNow Agent application.

User Criteria Diagnostics

Debug whether a user can access a catalog item based on the associated user criteria and fix issues without contacting ServiceNow Technical Support.

Regular expressions for variable validations

Use a regular expression (regex) to validate the value that is entered for a Single Line Text or Wide Single Line Text variable.

Request cloning in Service Portal

Clone a submitted request by selecting multiple users in the Also request for list of the Additional Actions section.

Embedded catalog approval request within the Outlook email client

Embed an interactive approval request for service catalog requests and requested items in the email notification sent to a user. The user can accept or reject the approval request from the email client.

Enhanced scoping support

Reference any request item variable from a script in a scoped environment.

Response parameters for methods in Service Catalog REST API

Use the parent_id and parent_table parameters that are added in the response body of the following methods:

checkout
checkout_guide
submit_order
submit_producer
order_now

Service Level Management

SLA offline support: Provides support for accurate SLA timing for tasks updated from the ServiceNow mobile client while offline. Field service agents sometimes work offline at customer locations, and updates to their tasks are cached on their mobile devices. The data can be synchronized and repaired as needed when the field service agent is back online.
Maximum allowed duration for SLAs: In the Maximum duration allowed in SLA Definition (com.snc.sla.maximum_duration) property, specify the maximum time that an SLA can run. The default is 1095 days (3 years).

Service Mapping

Support for huge payloads: Attention: The method used by the MID Server to prevent out-of-memory errors when handling very large payloads did not perform as well as anticipated. These controls were removed from Madrid Patch 1 for additional development and will be restored later.
Configure the MID Server to temporarily save data used during pattern-based discovery in files on the MID Server instead of in random-access memory (RAM). Once Discovery and Service Mapping finish discovering and identifying the configuration items (CIs), the data used for discovery is saved from the MID Server.
Quick start tests for Service Mapping: Validate that Service Mapping still works after you make any configuration change such as apply an upgrade or develop an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Service Portal

Error messages appear for invalid TinyMCE property configurations: View an error message when you enter an invalid entry for TinyMCE toolbars, fonts, and font families.
Use multifactor authentication with Service Portal: Configure your instance to support multifactor authentication for login in Service Portal. If you configure your instance to require multifactor authentication, your users are automatically directed to set up multifactor authentication upon initial login. For setup instructions, see Set up multifactor authentication upon initial login. If multifactor authentication is optional on your instance, your users can still enable or disable authentication from their user profile.
Use date picker with screenreader and keyboard: Access date picker in Service Portal via screen reader, mobile screen reader, mouse and keyboard, and touch devices.
Activate La Jolla theme branding: Activate the Service Portal La Jolla brand to apply the latest ServiceNow branding, which meets WCAG-AA standard for color contrast. This plugin is active by default on new instances, but you must activate the plugin on instances that are upgraded from earlier versions.
Performance Analytics Content Pack for Service Portal: The Performance Analytics Content Pack for Service Portal enables service delivery executives to improve user engagement with your organization's portals by tracking the usage of portals in preconfigured indicators and data visualizations. For details on system requirements, view the application listing on the ServiceNow Store website.

Service Portfolio Management

Service Level Management: Service Level Agreement (SLA) commitment support functionality is added to Service Portfolio Management by integrating with ServiceNow® Service Level Management.

Software Asset Management

Watch this five-minute video for an overview of the new Software Asset Management features for the Madrid release.<span>Overview of the new Software Asset Management features for the Madrid release including SAP publisher pack, License Workbench, Normalization and Content Service dashboard, and Automatic Software Model Creation.</span>

SAP publisher pack

Use the SAP publisher pack to identify user access and named user assignments in a SAP environment to compare against signed SAP contracts. Identify non-compliant scenarios for named user licensing and optimize named user assignments based on user attributes.
SAP dashboard using Performance Analytics is activated with this publisher pack to forecast compliance and consumption.

License Workbench

Use the License Workbench to view reconciliation results for a given publisher from a single location to remediate compliance without clicking through the hierarchy of results.

Normalization and Content Service dashboard

Use the Normalization and Content Service dashboard to see current normalization rates and health of the content service in one view.

Reclamation by software last-used date

Identify and reclaim unused software using the last-used (activity) date as a proxy for usage metering data. The software last-used date can be collected using SCCM 2016 or SCCM 2012.

Quick tests for Software Asset Management

Validate the continued functionality of Software Asset Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Subscription Management

Support for platform subscriptions that include custom table entitlements: Use the Subscriptions module to allocate custom tables that are created in a production instance against custom table entitlements in certain subscriptions. A usage administrator allocates custom tables only if a subscription contains custom table entitlements.

System Clone

Admins can roll back a clone: Roll back clones for up to seven days from the date a cloning completes.

Test Management 2.0

Test Board

Track, manage, and complete your testing activities from an intuitive user interface called the Test Board.

Aggregate all your test plans and view them as cards in a single location. At a glance, you can review key details of your test plans, such as start date, end date, and percentage of tests that have passed and failed.
Create a test plan in the Test Board, and structure the test plan in the Planning tab. The Planning tab is built from the Test plan work item hierarchy and Gantt chart components.
Break down the test plan into phases to precisely plan what must be tested and when.

Standalone test execution suite

Use the Test Execution Suites module to create a short test plan. This is useful when your testing effort is minimal and you do not want to go through the overhead of creating a test plan and a test cycle for a test execution suite.

Quick start tests for Test Management 2.0

Validate the continued functionality of Test Management 2.0 after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Threat Intelligence

Threat Intelligence: You no longer need to wait for the platform family release of Threat Intelligence to enjoy new features, updates, and fixes. The latest version of Threat Intelligence is published in the ServiceNow Store and available for download.
Threat Intelligence Integrations: The latest versions of third-party malware-detection software packages that integrate with Threat Intelligence are now available for download on the ServiceNow Store.

Time Card

Reject a time sheet: Use the Reject button on the Time Sheet Portal to reject a time sheet. Pre-Madrid, the Reject button was available only on the Time Sheet form.

Trusted Security Circles

Trusted Security Circles: You no longer need to wait for the platform family release of Trusted Security Circles to enjoy new features, updates, and fixes. The latest version of Trusted Security Circles is published in the ServiceNow Store and available for download.

Themes

Select from two new themes in the system settings window. The cobalt and cobalt contrast UI themes use the same styles as the previous UI.

Theme previews (under System Settings > Themes) have been updated so that the colors are determined by three configurable variables. The following variables provide the colors for the theme preview.

$navpage-header-bg
$navpage-header-color
$nav-highlight-bar-active

For more information on customizing a theme, see Create or customize a theme.

Base theme property

Change the base theme for the main content on the page. Find the Selected base theme [glide.ui.base_theme.selected_theme] by navigating to System Properties > Basic Configuration UI16. Only the main content on the screen (any content not included in the application navigator and the banner frame) is updated with this theme. Choose from:

La Jolla: The default base system theme. The properties for this theme are consistent with the new branding.
Cobalt: The properties for this theme match the previous branding.

Keyboard shortcut preferences

Determine which keyboard shortcuts are available to users from the list of user preferences.

Vendor Risk Management

Vendor assessment resubmission process: Vendor risk managers or assessors can return assessments to vendors with comments explaining the need for further information. Vendors can resubmit the requested responses and also communicate with the vendor risk manager through comments in the Notes and Comments section under a Questionnaire or Document Request. This real-time communication provides an easier and more timely resubmission of the assessment.
Issue creation based on response: Using issue generation rules, issues can be created automatically when a vendor selects the incorrect answer. Vendor risk managers can also create issues manually during review of the vendor response.
Vendor risk assessment question bank: Vendor risk managers can add questions or categories from a questionnaire, document request, or tiering questionnaire to a question bank. Reversely, they can build a questionnaire, document request, or tiering questionnaire by adding questions and categories from the question bank. Vendor risk managers can copy the whole questionnaire, document request, or tiering questionnaire.

Virtual Agent

Messaging integration with Workplace by Facebook

Install and configure the Virtual Agent integration for the Workplace messaging application. End users must link their ServiceNow accounts to the Workplace integration before they can use the Virtual Agent bot in Workplace.

No-code topic authoring in Virtual Agent Designer

Use no-code controls during conversation design instead of using JavaScript for:

ServiceNow (GlideRecord) queries
ServiceNow (GlideRecord) inserts and updates
Dynamic display logic
Decision branching logic

Virtual Agent Overview dashboard

Monitor conversation usage with the Virtual Agent Overview dashboard, which provides data visualizations of usage information collected daily and weekly. This dashboard is part of the Out-of-the-box Performance Analytics Solutions.

Vulnerability Response

Features available from the ServiceNow Store

Enhanced Change management for Vulnerability Response

Version 9.0: Create change requests directly from vulnerability groups with ServiceNow® Change Management for Vulnerability Response to expedite your remediation of vulnerabilities. This feature tightly integrates Vulnerability Response and ServiceNow®ITSM Change Management and provides customers with the following capabilities:

Create pre-populated change requests of varying types (emergency, standard, or normal).
Associate vulnerability groups to existing change requests.
Split large vulnerability groups into manageable chunks.
Resolve vulnerability groups automatically after change requests are implemented using automated state synchronization.

Software exposure assessment using Software Asset Management (SAM)

Version 9.0: With the Exposure Assessment module, determine your exposure to a specific software package by looking up the publisher, product name, and version number in the ServiceNow Software Asset Management (SAM) product. As an option, create vulnerable items to remediate vulnerabilities.

Vulnerability Solution Management

Version 8.0: Automatically correlate the vulnerabilities in your environment with the solutions that would remediate them. Identify the remediation actions that apply to your environment and prioritize them by the greatest reduction in vulnerability risk.

Available as a separate subscription within Vulnerability Response, Vulnerability Solution Management contains the Microsoft Security Response Center Solution Integration.

Preferred Solutions in vulnerability, vulnerable item, and vulnerability group records are derived from the Microsoft Security Response Center Solution Integration imports and not third-party vulnerability integrations.

Preferred Solution values can be set on the vulnerable item or the vulnerability. When set on the vulnerability, all vulnerable items associated with the vulnerability inherit that solution.

Note: Preferred Solution values at the vulnerability level are cleared if multiple highest-supersedence solutions exist for a vulnerability, since that solution depends on the affected asset. When multiple highest-supersedence solutions exist for a vulnerability, set a Preferred Solution on the vulnerable item.

Common Vulnerability Exposure (CVE) vulnerabilities with long summaries can cause excessive cell heights in the vulnerability list view on solution records.

Risk Score calculator enhancements

Version 8.0: Configure your calculators with finer granularity. For example, you can incorporate vulnerability severity, exploit and asset information. These calculators provide consistent risk scores across all vulnerable items so you can effectively prioritize the vulnerabilities in your environment.

The Default Risk Calculator and Vulnerability Severity calculators are shipped with the base system.

Vulnerability Calculators have replaced Vulnerability Calculator Groups for calculating the base Risk Score.

for remediation specialists Remediation Owner Role for remediation specialists for remediation specialists

Version 8.0: Automatically receive access to vulnerability entries and solutions assigned to you or your group using the sn_vul.remediation_owner role. By default, the itil role contains the sn_vul.remediation_owner role.

Vulnerability Response

Version 7.0: You no longer have to wait for the platform family release of Vulnerability Response to enjoy new features, updates, and fixes. The latest version of Vulnerability Response is published in the ServiceNow Store and available for download.

Setup Assistant is part of the Vulnerability Response application available in the ServiceNow Store

Version 7.0: Setup Assistant walks you through the Vulnerability Response setup process in a simple, step-by-step fashion. Setup Assistant helps you discover which capabilities of Vulnerability Response require configuration, identify what permissions are required to configure these capabilities, and learn what settings are recommended for your environment. Setup Assistant helps you deploy Vulnerability Response quickly and efficiently.

Vulnerability Response overview homepage

Version 7.0: The Vulnerability Response Overview homepage has become a responsive dashboard.

Performance Analytics - Content Pack - Vulnerability Response

Version 7.0: Using business objective definitions, trending, and forecasting, the Performance Analytics – Content Pack – Vulnerability Response application contains over 40 report widgets. These reports help you monitor metrics across all stages of the vulnerability management lifecycle. This release includes vulnerability KPIs rolled-up to the business service level. KPI rollups give you a better understanding of vulnerability exposure and remediation performance in terms of business operations, rather than technical infrastructure. A Remediation dashboard, using standard Now Platform® reports, is also provided for the IT operations personnel that execute vulnerability remediation activities. This application, is available in the ServiceNow Store.

Exploit enrichment

Version 7.0: Exploit information imported from third-party integrations has been added to vulnerability entries. Use exploit information to prioritize which vulnerabilities to address first.

CVSSv3 support

Version 7.0: Vulnerability entries display CVSSv3 metrics. By showing CVSS v3 in addition to the CVSS v2, you can prioritize based on the newest algorithm used to calculate the severity of your vulnerabilities.

Vulnerability Assignment Rules

Version 7.0: You can define the assignment rules at the vulnerable item level. These assignment rules apply to the group rules by default, and group vulnerabilities by assignment group.

Vulnerable Item Risk Rating

Version 7.0: A new Risk Rating field on vulnerable item breaks the existing 0-100 risk score tiers into five tiers (Critical, High, Medium, Low, and None) for easier reporting and prioritization.

Normalized Severity

Version 7.0: Vulnerability assessment products often report vulnerabilities with proprietary integer-based severity scales. These severities are normalized into a common and configurable scheme for improved readability, reporting, and comparison.

Updated default form and list views

Version 7.0: Various Vulnerability Response default forms and list view forms for have been updated for improved usability. These entities include but are not limited to: Vulnerability entries, Vulnerable Item, Vulnerability Group, Discovered Item, and Approvals.

ACLs were updated to ensure that fields that should not be modified are marked read-only.

New in existing integrations

Rapid7 Vulnerability Integration

Version 9.0: Manually create sites for Rapid7 InsightVM to use with site filtering in Vulnerability Response.

Version 9.0: Rapid7 InsightVM Multi-source support enables you to integrate with multiple Rapid7 InsightVM instances into a single instance ofVulnerability Response. Assets identified by multiple Rapid7 InsightVM deployments and their vulnerabilities are consolidated and reconciled with your CMDB.

Version 9.0: Rapid7 InsightVM Asset List Integration retrieves asset scan data once a week and stores it in the Discovered Items module in your instance. Helps identify assets that haven't been scanned lately using the Last Scan date.

Version 9.0: Rapid7 InsightVM Host Tags become available for use in the Condition filter across Vulnerability Response. For example in Assignment Rules, Remediation Target Rules and so on.

Version 9.0: Filter using Rapid7 Sites and CVSS data.

Note: Rapid7 has a volume limitation on the use of the Site filter. If total assets are 10,000 or more, it sends a 500 internal server error. Rapid7 is tracking this issue in support ticket EA-3945.

Version 7.1: When migrating to the InsightVM integration type from the Data Warehouse integration type, the Rapid7 InsightVM integration recognizes existing data warehouse vulnerable items, if they were imported from the same data source. It does not create duplicate records, so you can seamlessly migrate from the Data Warehouse to InsightVM integration type.

Version 7.1: Adds exploit data import for both the Data Warehouse and InsightVM integration types.

Version 6.2: Adds imports using the Rapid7 InsightVM API for discovery, detection, verification, risk classification, and impact analysis to manage risk and remediation. This integration does not require the Rapid7 Nexpose data warehouse.

Note: To migrate from the Rapid7 Nexpose vulnerability integration see KB0743164.

Qualys Vulnerability Integration

Version 9.0: Qualys Host List Integration retrieves authenticated and unauthenticated host scan data from Qualys once a week and stores it in the Discovered Items module in your instance. Helps identify assets that haven't been scanned recently using Last Scan date. View the Last Scan time and Last Authenticated Scan time on the Discovered Items list.

Version 8.0: Populates Preferred Solution for vulnerable items with the same Preferred Solution as its vulnerability.

Version 8.0: Creates National Vulnerability Database (NVD) records for Qualys KnowledgBase imports by default.

Version 8.0: The latest version of Qualys Vulnerability Integration is published in the ServiceNow Store and available for download.

Tenable for Vulnerability Response v2.x

Prioritize and automate the remediation of critical vulnerabilities. Tenable for Vulnerability Responsev2.x applications offer increased performance speed of importing vulnerabilities. These applications also bring in the Vulnerability Priority Rating (VPR) score into ServiceNow.

Note:

When Tenable for Vulnerability Response v2.x vulnerabilities are imported before their corresponding National Vulnerability Database (NVD) entries, those vulnerabilities are not associated with the NVD vulnerabilities later. Ensure that NVD imports are up to date, and periodically reimport the Tenable for Vulnerability Responsev2.x vulnerabilities.
Tenable for Vulnerability Responsev2.x doesn't currently support Normalized severity.
Tenable for Vulnerability Responsev2.x populates exploit information in the Tenable for Vulnerability Response Additional Findings fields.

New integrations

Microsoft Security Response Center Solution Integration

Version 8.0: Microsoft Security Response Center Solution Integration imports solution data for known vulnerabilities and creates relationships with vulnerable items and vulnerability groups. This integration is part of Vulnerability Solution Management.

Shodan Exploit Integration

Version 7.0: Shodan Exploit Integration imports exploit information that helps you prioritize the vulnerabilities in your environment based on risk.

This integration enables exploit information enrichment that helps you understand the following exploitability metrics to prioritize the remediation of vulnerabilities:

Is there any exploit associated with the vulnerability?
What skill level is required to exploit the vulnerability based on the exploit code rank?
What is the exploit attack vector? Can the vulnerability be remotely exploited?

Once your vulnerabilities are enriched with exploit intelligence, you can define the risk score and group the vulnerabilities based on these parameters. You can also filter key reports to see the high-risk vulnerabilities.

Quick start tests for Vulnerability Response

Validate the continued functionality of Vulnerability Response after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Walk-up Experience

Agent Workspace for Walk-up Experience fulfillers

Use Agent Workspace to access and complete interactions at a walk-up queue location. This enhancement moves technicians away from the list and form interaction fulfillment experience to a configurable service desk application. Agent Workspace for Walk-up Experience provides a more efficient, integrated, and intuitive fulfiller experience. Using Agent Workspace, technicians can:

Access a personal inbox where interactions are automatically pushed for assignment based on schedules and rule configurations in the Advanced Work Assignment feature.
Open an incident or request consumables directly from an interaction.
Consume assets directly from an associated stockroom.
Access relevant knowledge base information.
Display the ability to accept walk-up interactions via an availability toggle.
Enable channels other than Walk-up, such as Chat or traditional Incident Management, to remain productive when the walk-up queue is not busy.

Walk-up appointment scheduling

Schedule appointments online or onsite to receive IT support at a walk-up queue location. You can cancel an appointment, as well as reschedule an existing appointment. Scheduling places you at the head of the queue at your appointment time.
View upcoming appointments scheduled for a walk-up queue. Managers and technicians can view appointments to best plan for interaction demand. Appointments can be viewed in platform view or in Agent Workspace.
Receive a reminder notification for an upcoming scheduled appointment 15 minutes prior to the appointment.
Configure custom appointment scheduling by location.

Walk-up queue length notification

Configure and receive queue-length threshold notifications. When a queue reaches a pre-configured length, a notification is sent to the manager of the assignment group for the walk up queue location. Knowing that a walk-up queue is crowded with a long waiting line means that managers can add additional support to the queue.

Walk-up support when a queue is closed

Get IT support even when a walk-up queue location is closed. Display an IT support phone number online and onsite at a queue providing requesters with an immediate option when the queue is closed. Requesters can also create an incident directly online or onsite at the check-in queue.

Tables

Use the Walk-up Appointment [wu_appointment] table to configure scheduled appointments.

Walk-up service channel

Use the Walk-up service channel to route walk-up interactions. Work items originate from the Advanced Work Assignment feature. Configure the channel to meet your needs. The Walk-up service channel includes a default assignment inbox layout. Inbox capacity represents the number of walk-up interactions a technician can work on concurrently. By default, the capacity is set to 1.
Configure the Service channel field on the Walk-up Location Queue form to specify Walk-up channel.
Route work items to the correct queue location by specifying the Walk-up service channel in the Queue [awa_queue] table.

Web services

Added support for sysparm_query_no_domain in Table API

The Table API supports the sysparm_query_no_domain parameter:

false (default): Exclude the record if it is in a domain that the currently logged in user is not configured to access.
true: Include the record even if it is in a domain that the currently logged in user is not configured to access.

Note: The sysparm_query_no_domain parameter is available only to system administrators or users who have the query_no_domain_table_api role.

RESTMessageV2 and SOAPMessageV2 API timeout

Set the glide.http.outbound.max_timeout system property to specify the number of seconds that RESTMessageV2 and SOAPMessageV2 APIs wait for a response from a synchronous call. The maximum value is 30 seconds. To define a timeout longer than 30 seconds, set the glide.http.outbound.max_timeout.enabled system property to false and use the waitForResponse() method to set the timeout. For examples, see Asynchronous RESTMessageV2 example and Asynchronous SOAPMessageV2 example. If glide.http.outbound.max_timeout.enabled is set to true and a value is passed in the waitForResponse() method, the system uses the smallest value from either the waitForResponse() method or the glide.http.outbound.max_timeout system property.

Previous topic

Next topic

Release version

New features and products in Madrid

Cumulative release notes summary on new Madrid features and products.

New products were introduced in Madrid, and additional features were added to existing ServiceNow products.

Application or feature

Details

API

Table 1. New scoped classes and additional methods to existing scoped classes
Class	Activated with	Methods
FlowAPI	Flow Designer	executeAction() executeFlow() executeSubflow() setEncryptedOutput() startAction() startFlow() startSubflow()
GlideRecord - Scoped	Now Platform	isEncodedQueryValid()
Notify - Scoped	Notify	hasCapability()

Table 2. New global classes and additional methods to existing global classes
Class	Activated with	Methods
Agent	Advanced Work Assignment	getPresence() setPresence()
MLPredictor	Agent Intelligence	applyPrediction() applyPredictionForSolution() findActiveSolution() findActiveSolutionsForRecord() getPredictedValue() getPredictions() isClassificationSolution() isSimilaritySolution() recordFinalValuesInPredictionResults()
Notify	Notify	hasCapability()
OnCallRotation	Now Platform®	getPrimaryUsers() getPrimaryUserByRota() getPrimaryUserNameByRota() getEscalateesAt()
Queue	Advanced Work Assignment	route()

Table 3. New client classes and additional methods to existing client classes
Class	Activated with	Methods
GlideFlow	Flow Designer	getExecution() startAction() startFlow() startSubflow() awaitCompletion() getExecutionStatus() getOutputs()
NotifyClient	Notify	addEventListener() destroy() getStatus()

Table 4. New REST APIs and additional endpoints to existing REST APIs
API	Activated with	Endpoint
Agent	Advanced Work Assignment	GET /api/now/awa/agents/{sys_id} PUT /api/now/awa/agents/{sys_id}
Change Management	Change Management	DELETE /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} DELETE /sn_chg_rest/change/emergency/{sys_id} DELETE /sn_chg_rest/change/normal/{sys_id} DELETE /sn_chg_rest/change/standard/{sys_id} DELETE /sn_chg_rest/change/{sys_id}/conflict GET /sn_chg_rest/change/{change_sys_id}/task GET /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} GET /sn_chg_rest/change/emergency GET /sn_chg_rest/change/emergency/{sys_id} GET /sn_chg_rest/change/normal GET /sn_chg_rest/change/normal/{sys_id} GET /sn_chg_rest/change/standard GET /sn_chg_rest/change/standard/{sys_id} GET /sn_chg_rest/change/standard/template GET /sn_chg_rest/change/standard/template/{sys_id} GET /sn_chg_rest/change/{sys_id}/conflict PATCH /sn_chg_rest/change/{change_sys_id}/task/{task_sys_id} PATCH /sn_chg_rest/change/emergency/{sys_id} PATCH /sn_chg_rest/change/normal/{sys_id} PATCH /sn_chg_rest/change/standard/{sys_id} PATCH /sn_chg_rest/change/standard/{sys_id}/risk PATCH /sn_chg_rest/change/{sys_id}/approvals POST /sn_chg_rest/change/normal POST /sn_chg_rest/change/emergency POST /sn_chg_rest/change/{change_sys_id}/task POST /sn_chg_rest/change/standard/{standard_change_template_id} POST /sn_chg_rest/change/{sys_id}/conflict
Queue	Advanced Work Assignment	POST /api/now/awa/queues/{sys_id}/work_item

Agent Intelligence

Similarity framework: Use the Agent Intelligence similarity framework to build a word corpus (a collection of machine-readable text that is assembled for the purpose of research) to compare trained records that are based on textual similarity.
Create and train a similarity solution: Create and train a solution that applies machine learning to train the word corpus to target and recommend similar records in your instance data set.
Review solution similarity examples: Review the similarity examples and scores that the system provides during solution training. Determine if you need to update the similarity score threshold of your trained solution.
Update your similarity score threshold: Update the similarity score threshold value if you want the results that are returned by the solution to be more or less similar.
Agent Intelligence for Event Management: Use your instance records to build Event Management-specific machine-learning solutions.
MLPredictor - Global: Use the utility methods in this API for Agent Intelligence predictions.

Agile Development 2.0

Quick start tests for Agile Development 2.0: Validate the continued functionality of Agile Development 2.0 after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Performance Analytics Content Pack for Agile 2.0: Install the Performance Analytics Content Pack for Agile 2.0 application from the ServiceNow Store. Performance Analytics Content Pack for Agile 2.0 contains preconfigured dashboards with data visualizations that help you improve your Agile processes and practices.

Antivirus Scanning

Configure Antivirus Scanning: Configure Antivirus Scanning across your instance and at the table level.
Dictionary attributes for Antivirus Scanning: As an administrator, you can set the values of dictionary attributes to modify the behavior of the default Antivirus Scanning configuration.
Review antivirus activity: The Antivirus Activities log tracks all activities that occur on potentially infected files from the point that they are discovered and placed into quarantine.
Review quarantined files: Review quarantined file attachments and take further action as needed.

Application Portfolio Management

Enhancements in Technology Portfolio Management Timeline (TPM)

Retrieve the business applications risk data stored in the Business Application Risks [sn_apm_tpm_business_application_risk] table. Risks of all business applications are calculated and the data are stored in the risks table to make optimal use of the risk engine. Since risks are stored and retrieved from the table, their retrieval is faster when loading the Technology Portfolio Management timeline or the Capability Based Planning portal. Execute the Load TPM Risk Parameters and compute Business Service Risks scheduled job daily to obtain the real-time status of risks your business applications are exposed to in a given day. Running this job populates the business risks table.
Relate the software models that the suggestions engine picks up to your application service instead of searching for and then mapping them manually. You can easily manage the results of two subsequent runs of the software models suggestions engine by reviewing the new software models suggested by the engine in the latest run.
Navigate to Business Application Risk Values in the applications menu to view the risk record of each business application.
View the risk scores at the risk parameter level by clicking the risk bubble of the software model in the TPM timeline.
Filter business applications based on their risk factor using the business application risk filter.
Select the By Product Classification view to dynamically load software models, business applications, and application services in the timeline. All technology categories or product classifications are loaded as the page loads.

Application roadmap

Application assessment indicators

Fetch cost data from the IT Financial Management buckets using the seven cost indicators to assess the performance of business applications in Application Portfolio Management. Know the exact amount that is allocated to a business application from a cost bucket using the preconfigured L2 Costing — Business Applications cost model.
Use the APM application indicators to get the count of all incidents that are associated to a business application, and derive the relative weight of the application. The incident indicators gather data at an instance level and then bundle them up at the application level.

Quick start tests for Application Portfolio Management

Application security

Instance security center: Monitor the compliance level of instance security controls, view security event monitoring metrics, configure and maintain instance security settings. The Instance Security Center consolidates several key security components into a single comprehensive control console that helps you detect, protect and respond to instance based security events.

Approvals

Embed an approval request within the Outlook email client: Embed an interactive approval request for service catalog requests in the email notification sent to a user. The user can accept or reject the approval request from the email client.
Mobile experience for Approvals: Approve catalog requests, requested items, or change requests from anywhere using the ITSM ServiceNow Agent application.

Assessments and Surveys

Question Bank module: Add question categories (metric categories) and questions (metrics) in the Question Bank module so that you can reuse them when you create or update a survey. This module is available for all evaluation types, that is, surveys, assessments, and quizzes.
The demo data for the question bank is available only when you activate the Survey Question Bank Sample Data plugin (com.snc.question_bank_data). This demo data is available for surveys in the Platform UI and Survey Designer (under Questions and Categories tabs).
Embedded survey within the Outlook email client: Embed an interactive survey in the email notification that is sent to the user by selecting the Outlook Actionable Message check box in the survey definition. Your users can answer the survey questions and submit the survey from the email client instead of opening it in a new browser tab.
Note: To use this feature, you must activate the Outlook Actionable Messages plugin (com.sn_ms_oam).
Ability to take a survey in the Connect chat client: Configure a survey in the Connect chat client by using the Chat Survey module. When a support agent ends the chat, the survey URL is displayed.
Note: To use this feature, you must activate the Connect Support plugin (com.glide.connect.support).
Recipients list: Send a survey invite to a targeted set of users by using a recipients list. Using the dynamic condition method, you can create a dynamic recipients list that can be used for multiple surveys.
Localization for a public survey: Use the Enable/Disable whether to show language picker when a public survey is taken property to enable a language picker for a public survey. When a survey user takes the survey, it is first available in the language that you set. However, the user can use the language picker to change the language of the survey. Localization is also applicable to Service Portal.
Note: You must activate the language plugins for each language that you want your surveys to be available in.
Quick start tests for surveys: Validate that Assessments and Surveys still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Authentication

Support JSON Web Tokens (JWT) for external API providers: JWTs provide the capability to configure server-to-server API interactions between ServiceNow and external API providers without requiring any user intervention. This support enables IntegrationHub or other automated tasks using JWTs to configure API and Service integrations with different providers.
Guest Session Timeout property: This new property, glide.guest.session_timeout, decouples a session timeout for a guest session from the glide.ui.session_timeout.
Support Facebook authentication: Your Facebook user account can link to your ServiceNow user account to perform actions, such as pre-set conversations or notifications, through a conversational bot platform.

Automated Test Framework

Automated Test Framework Properties: Enable tests with Custom UI steps to capture page data each time they are run.
Custom UI test steps: Test customized user interfaces such as UI pages and UI macros by retrieving their HTML and JavaScript page components and identifying the test actions they support.
Page Inspector: Identify which HTML and JavaScript page components of your user interfaces are available for custom UI testing. Enable automated testing by ensuring your user interfaces only contain testable page components.
Develop testable custom components: Change the testing properties of a particular page component using Automated Test Framework-specific HTML attributes.
Parameterized tests: Run a test multiple times with different test data for each run. Create parameters to store test data for each test run.
Add tests to a suite with a filter: Automate the creation of test suites by using a filter to dynamically add tests to a test suite when they match the filter conditions. Reduce the time that your test designers spend manually creating and maintaining test suites.
Available quick start tests by application or feature: Validate that your instance still works after you make any configuration change such as apply an upgrade or develop an application. Copy and customize the ServiceNow-provided quick start tests to pass when using your instance-specific data.

Change management

New features added to Conflict detection

Change conflict scheduling: When potential change scheduling conflicts are identified, change conflict scheduling identifies dates and times where no conflict exists and provides a new Scheduling Assistant user interface that allows a change requester or fulfiller to select a date and time with no conflicts. To take advantage of this new feature, activate the following two new properties:
- Define the number of days to be factored after the respective Planned start/end date of a Change record when searching for the next available time (change.conflict.next_available.schedule_window).
- Define the number of suggestions to be calculated for the next available time field on a Change (change.conflict.next_available.choice_limit).
A new conflict type called Assigned to already scheduled is introduced to identify when the assignee of a change request is already assigned to another change request scheduled on the same date and time.

Change REST API suite

Change approval policy

Enhanced refresh impacted services

Quick start tests for Change Management

Validate the continued functionality of Change Management during application development and after upgrades. Copy and configure these automated tests to identify customizations needing review.

Standard Change catalog for support for workspaces

Now Platform® branding

Updated the CAB workbench portal and Change Conflict Calender to align to the base system platform color palette.

Cloud Management

Simplify creation of service offering in Service Catalog using cloud-native templates: Taking a service-centric view, this feature allows the service designer to start with a catalog item and design the end user catalog experience. The service is driven by importing cloud-native templates or ServiceNow blueprints.
Enable use of technologies like Orchestration to drive day 1 and day 2 operations: Cloud services and operations continue to grow at breakneck speeds. This feature allows customers, partners, and field personnel to add new services and operations using Orchestration workflows. This is especially useful for creating new day 2 operations for various cloud resources.
Performance improvement for Cloud User Portal and Admin Portal: The Cloud Management platform includes both an Admin and a User Portal, each serving a different role. This release focuses on user interface performance improvements for both the Admin and the User portals. The performance-related changes are transparent to the user.

Communities

Community profile time zone: Set a preferred time zone when registering with the community or from the community profile.
Antivirus protection for community attachments: If antivirus protection is enabled, all attachments that are uploaded into or downloaded from the community are scanned for viruses.
Forum hierarchy: Create sub forums and map them to a parent forum. The forum hierarchy is displayed on the community pages.
Last updated time stamp: Displays when updates were last made to replies, comments, answers marked as correct, and which user made the updates.
Enhancements to the community TinyMCE editor: Change the font and add tables when creating community content.
Automatic addition of secondary content types: Adds the respective secondary content types automatically when configuring primary content types for a community forum.
Exclude self-award: Checks that a user is not awarded gamification points for content they authored.
Created date sort option: Sort by the date on which content was created from the community homepage or forum landing page.
Contributions on the community profile page: Displays a list of the number of user contributions to the community.
Additional notification preferences: Select My Blog marked as helpful, My comment marked as helpful, My Question upvoted, and My Answer marked as helpful as activity feed options or email notifications.
Full-sized images: Open an image from community content, such as a question, to view a full-sized image.
Quick start tests for Communities: Validate the continued functionality of Communities after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Configuration Compliance

Configuration Compliance assignment rules overview: Version 9.0: Define assignment rules to automate the assignment of configuration test results to their respective remediation teams. Assignment rules can also be reapplied to existing test results on-demand, or automatically on a scheduled basis. Reapplying ensures test results reflect the latest rule changes or ownership updates in the CMDB.
Note: For upgrade customers, the Assignment group and Assigned to fields must be added to the test results form manually.
Configuration Compliance test result groups and group rules overview: Version 9.0: Use Group Rules to automatically create Test Result Groups.These rules group non-passed test results in terms of how they’re going to be remediated and by whom. Group rules can also be reapplied to existing test results, ensuring test result groups reflect the latest test result and group rule changes.
Remediation owner added to roles: The sn_vulc.remediation_owner role compartmentalizes the view and update permissions of test results, test result groups, and related policies, authoritative sources, and other content for remediation teams. sn_vulc.remediation_owner is part of the itil role. Remediation owners can view and update only the test results and test results groups assigned to them or to one of their user groups.
Configuration Compliance has moved to the ServiceNow Store: Version 8.0: You no longer need to wait for the platform family release of Configuration Compliance to enjoy new features, updates, and fixes. The latest version of Configuration Compliance is published on the ServiceNow Store and available for download.
Multi-source support in Qualys: Version 8.0: If you have multiple deployments of the Qualys Cloud Platform application, you can add an integration for each deployment. Data sourced from each deployment is identified and available in a single instance of Configuration Compliance.

Configuration Management Database (CMDB)

Agent Workspace for CMDB

Access the following essential CIs and related details from Agent Workspace for CMDB:

Timeline view to access changes, change requests, and incidents for CIs
Health widget to view health scores for CIs
Relationships widget to view level 1 relationships (direct relationships) for CIs
All critical attributes related to CIs
Ability to create incidents and change request from the CI form view

CMDB Health

Use the system property glide.cmdb.health.src.cmdb_health_audit_only to configure CMDB Health to disregard data from other sources, such as cloud discovery.

CMDB roles

Control read access to the CMDB by using the cmdb_read role. The cmdb_read role is required for reading any CMDB table, and it is contained in existing roles such as admin and itil.

CMDB Search

Quick start tests for Configuration Management Database (CMDB)

Contextual Search

Source selector: Specify a resource to search from the choice list next to the Related Search field.
Search on tab field: Configure the search so that it searches only when the agent enters text in the Short description field or in a search field and then removes the cursor from the field.
Disable actions: You can now disable search actions except the This helped action.
Attach note field: Specify a field where the attached knowledge article should be copied by selecting the Use custom field for attach note check box and putting the field name in Attach note field. Earlier, the attached knowledge article was copied to the field set in the glide.knowman.attach.fields property.

Contextual development environment

Extension points for UI macros and scripts: Create and embed custom code hooks, called extension points, into UI macros and scripts in scoped and global application base code. You can use extension points to designate where custom UI macros and scripts be called and then processed to extend the base Now Platform functionality.
Because you do not need to embed extension points directly into the core application code, you prevent application paths from breaking during upgrades.

Continual Improvement Management

Integration with ITOM and GRC applications

Link new and existing records from IT Operations Management (ITOM) and Governance, Risk, and Compliance (GRC) to Continual Improvement Management on the base system with one click.
ITOM Configuration Management Database (CMDB) application integration includes a related link to create an improvement initiative on the Remediate Duplicate Tasks form. CIM integration allows easy submittal of an improvement initiative to address issues around de-duplication of CMDB tasks.
GRC application integration includes a related link to create an improvement initiative on the Issues form. You can also create multiple improvement initiatives from a single audit control task and view the associated tasks in a related list.

Enhanced linking with implementing tasks outside of CIM

Quick tests for Continual Improvement Management

Credentials

Credential aliases for Discovery: Allows an administrator to use specific credentials on Discovery schedules. Credential aliases provide more control over which credentials a Discovery schedule is allowed to use and prevents the unnecessary exposure of credentials with elevated privileges.

Customer Service Management

Case action status: Identify cases that require attention and quickly prioritize workload using visual indicators in the Action Status column on the Case list.
Customer Service integration with Service Management: Provides an integration between Customer Service Management and the Incident, Problem, Change, and Request Management applications. Agents can create incident, problem, change, and request records from customer service cases.
Agent Workspace for Customer Service Management: Integrates the platform functionality specific to tier 1 customer service agents and puts these features into an easy-to-use interface. These features enable agents to be more efficient, such as a multi-tab interface for managing multiple cases and a heads-up contextual display that provides quick orientation to the task at hand.
Lookup and verify: Enables agents using Agent Workspace for Customer Service Management to quickly look up contacts or consumers using information such as the name, phone number, account, or record number, and verify that information on the interaction record.
Advanced Work Assignment for Customer Service Management: Automatically route and assign cases as work items in Agent Workspace to customer service agents based on availability, capacity, and skills. Define work item queues, routing conditions, and assignment criteria that AWA uses to distribute work items. From the agent inbox, agents can see pending assignments, set availability, and accept or reject work items.
Similar cases: Provides an easy way for an agent working on a case or a problem to find similar, already resolved records. The agent can link the current record to a similar record and also copy resolution notes to the current record.
Quick start tests for Customer Service Management: Validate the continued functionality of Customer Service Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Dashboards

Dashboard picker enhancements: Find dashboards more quickly. On each dashboard, the dashboard picker enables you to choose from the dashboards you have permission to view, with the most recently opened dashboards shown first. Previously, this list showed all dashboards by default. Click Load all dashboards to see a list of all dashboards available to you.
Quick start tests for Dashboards: Validate the continued visibility and sharing functionality of dashboards after any configuration change such as an upgrade. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

DevOps

Configurable pipeline modeling

Model pipeline stages in DevOps at the app level for easier management of your pipeline process and end-to-end visibility in DevOps. More than one app per pipeline is supported.

Planning, coding, and orchestration tool integrations

Change acceleration

DevOps Insights dashboards

App Pipeline UI view

Support for common Jenkins plugin features

User-created integrations support for planning, coding, and orchestration tools

Version 1.9: Connect and discover integration capabilities are also supported.

The DevOps API can also be used for user-created planning, coding, and orchestration tool integrations.

Quick start tests for DevOps

Discovery

Discovery performance metrics

File-based discovery

If you are interested in participating in this limited availability program, email discoverypm@servicenow.onmicrosoft.com.

PowerShell remoting

Document Viewer

Enable Document Viewer: Enable Document Viewer on a specific table by adding the use_document_viewer attribute.
View attachments with Document Viewer: Use Document Viewer to view documents directly within the Now Platform® rather than having to download them to your own file system.

Edge Encryption

Authenticate an Edge Encryption proxy server: Specify that a proxy is a trusted source so that Edge Encryption can process the requests that come from that proxy.

Event Management

Alert intelligence: Alert Intelligence is implemented in the multi-tab interface of Agent Workspace. You can manage alerts in Workspace in the Event Management implementation of Agent Workspace.
View alert group reasoning: As alerts are added to a group, a message is added to the Work notes field of the alert to indicate the reason for aggregating that alert into the group. When an alert is added to or removed from the group, that information is shown in the Work notes of the selected alert.
Monitor event processing metrics: Extract statistics from your instance to ensure that performance is not affected and extract metrics related to event processes to monitor event processing status.
Configure event collection from an Icinga2 connector: Configure the Icinga 2 (Icinga) connector instance to receive events while monitoring your network resources.
Alert similarity: Find alerts that are similar to the alert that you are currently investigating. Save time in resolving the current alert by seeing how the similar alerts were resolved. In this way, like alerts are resolved in the same way and there is a reduction in the mean time to resolve alerts. Alert similarity applies natural language processing (NLP) based on Now Platform® machine learning (ML) as implemented in Agent Intelligence.
Quick start tests for Event Management: Validate the continued functionality of Event Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Field Service Management

Field Service Mobile: Manage your field service tasks anywhere using the Field Service mobile application. With this application, you stay connected at all times, can access information in real time, and complete your tasks quickly. You can even access task information and complete tasks in locations where your mobile device is not connected to the Internet.

Quick start tests for Field Service Management: Validate that Field Service Management still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Adding knowledge to work order and work order task forms: Add additional information to complete tasks.

Financial Management

Prescriptive cost models

ITFM prescribed weighted metrics

Choose from a library of ITFM-prescribed metrics that support weighted rollup. This library of metrics sources data directly from other applications within the Now Platform®.

ITFM prescribed scripted metric to allocate to business capabilities

ITFM prescriptive dashboards

Total weight support in allocation metrics

Financial Charging guided setup

Quick start tests for Financial Management

Flow Designer

Call a Workflow flow logic: Reuse existing business logic by running a published and active workflow from a flow. Flow designers can use flow data as workflow inputs such as specifying the current record.
Core attachment actions: Use core actions to copy, delete, look up, and move attachments in the Attachments [sys_attachments] table.
Do the following in parallel flow logic: Branch a flow into blocks of actions and subflows that run in parallel.
Do the following until flow logic: Apply one or more actions repeatedly until an end condition is met. Flow designers can use flow data to specify the end conditions.
End flow logic: Stop running a flow from within a conditional flow logic block, such as an If, Else If, or Else flow logic block. Use this flow logic to stop flow execution when certain conditions are met.
GlideFlow API: Perform client-side interactions with actions, flows, and subflows. Flow designers must enable a flow, subflow, and action to be called from the client.
Make a decision flow logic: Use decision table branching logic in situations where multiple conditional paths are required, as an alternative to nested If, Else If, or Else flow logic. For example, inputs such as location, age, crash history, car make, car model, and car year will determine a level of insurance coverage. This logic can save time and present a more readable format than nested if conditions or switch case statements.
Run As advanced option: Choose whether the flow runs as System User or the user who initiates the session. Use the user who initiates the session option when the update should come from the user who triggered the flow. For example, comments to incident records that should come from the current user, or approval emails that should originate from the approver. Settings on a flow do not apply to child subflows. Flows created before the upgrade default to run as the System user, which means that the flows bypass normal access controls. New record-based flows default to run as the user who triggers the flow.
FlowAPI: Execute actions, flows, or subflows in server-side scripts using either blocking or non-blocking methods. Non-blocking methods enable the client to execute other code in the script without waiting for the flow to complete.
Wait for a duration flow logic: Pause a flow for a specified time period. Flow designers must specify the duration and schedule for the wait period.

Governance, Risk, and Compliance

The following accelerators are downloaded from the ServiceNow Store and activated in the core GRC applications (Policy and Compliance Management, Risk Management, and Audit Management:

GRC: NIST CSF Use Case Accelerator: The NIST CSF Use Case Accelerator gives customers an operational head-start when adopting the NIST CSF. When the accelerator is downloaded and activated in the GRC applications, pre-configured policies, scopes (profiles, profile type recommendations), indicators, risks, and other GRC elements appear.
GRC: NIST RMF Use Case Accelerator: The NIST RMF Use Case Accelerator gives customers an operational head-start when adopting the NIST RMF. When the accelerator is downloaded and activated in the GRC applications, pre-configured policies, scopes (profile, profile type recommendations), indicators, risks and other GRC elements appear.

Guided Tour Designer

Single callout placement: The four directional callouts used to associate a tour step to a page element have been replaced by a single multidirectional callout. This multidirectional callout enables you to flexibly position your callouts so they point to an element from any direction.

HR Service Delivery

Case and Knowledge Management

Standardize the documentation, interaction, and fulfillment of employee inquiries and requests, improving HR efficiency and services over time.

Preview a knowledge article with knowledge blocks: Preview published knowledge articles with knowledge blocks by user and date. You can see how the article appears or hides block content based on the user criteria and date.
Automated Test Framework for HR: Validate the continued functionality of HR Service Delivery after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Note: When running, demo data is required.

Employee Service Center

Provide a single, unified portal for employees to get all the information, services, and help that they need.

Note: Employee Service Center is also available as a standalone application.

Employee to-dos page: The to-dos page is where employees can view and complete all their to-dos on a single page in the Employee Service Center. You can configure the to-dos page by applying filters to show a user's approvals, content tasks, HR acceptances, HR tasks, and more.
Employees requests page: The requests page is where employees can view all their requests on a single page in the Employee Service Center. You can configure the requests page by applying filters to show a user's service catalog requests, IT incidents, HR cases, and more.
Employee knowledge page: The knowledge page is where employees can browse knowledge articles and find answers to their questions in the Employee Service Center. You can associate one or more knowledge bases with the Employee Service Center.
Employee catalog page: The catalog page is where employees can request catalog items such as services and product offerings in the Employee Service Center. You can associate one or more service catalogs with the Employee Service Center.
Employee live chat: Employees can chat directly and in real-time with support agents in the Employee Service Center. When an employee initiates a chat, a pre-chat window appears and the employee selects a category that routes them to the appropriate chat queue. You can control what categories appear by configuring the pre-chat categories.
Link the HR ticket page with the Employee Service Center: If you are using Employee Service Center as part of HR Service Delivery, use the Portal Configuration module to link the HR ticket page with the Employee Service Center portal.
HR ticket page: If you are using Employee Service Center with HR Service Delivery, the HR ticket page is where users can view the details of an HR case. Different users have different views of the HR ticket page, and you can configure the HR ticket page header for individual HR services.
Employee Forums: Employee Forums help your employees connect, engage, and collaborate with other employees. Forums can be used to share business information, promote employee engagement, encourage ideas and feedback, and give your employees a voice.
Add or modify task (to-do) content: You can assign tasks to your employees as part of a campaign and, if needed, trigger additional content once a task is completed. To-dos can also be sent via email or posted to the Employee Service Center.
Manage content for a campaign: Campaign bundles and content can be edited after being published. Content can be removed or changed for employees that have not yet viewed it.
Content Automation (campaigns) analytics: Use Content Automation Analytics to view event-based reports measuring employee engagement with your Employee Service Center and campaign content engagement.

Enterprise Onboarding and Transitions

Automate onboarding and other employee lifecycle events that span multiple departments, improving employee satisfaction and efficiency across HR and other departments.

Monitor the status of a lifecycle event case: Use activity set execution contexts to monitor the status of lifecycle event cases. You can report on the activity set contexts table along with the HR case table.
Show activity sets timeline to the subject person on the HR ticket page: If you are using Employee Service Center with Enterprise Onboarding and Transitions, you can show the activity sets timeline on the HR ticket page to the subject (subject person) of the lifecycle event case.
Wait for generated tasks to complete before closing the activity set: For lifecycle event activities that generate new tasks, you can wait for the generated task to complete before the activity closes.

Employee Document Management

Create or modify an employee document: Employee Document Audit Trail provides insight into all actions for an employee document from creation, updates, and to the time it was purged.
Employee document management bulk imports: You can upload multiple employee documents from an external cloud storage or a local network directory to Employee Document Management.

ITSM Agent Workspace

ITSM Agent Workspace for Problem Management

All fields that are available on the ITSM problem form are available on the Agent Workspace problem form.
State transitions are not available on the Agent Workspace for Problem and Problem task records.

ITSM Virtual Agent

Additional ITSM Virtual Agent conversations

Benefit from the following additional pre-built ITSM Virtual Agent topic conversation flows:

Escalate IT Ticket
Update Change Request
Identify Scheduled Changes
Create Problem
Identify Available Change Windows
Resolve Incident

Out-of-the-box Virtual Agent Performance Analytics Solution

Preconfigured Performance Analytics indicators and breakdowns for the Virtual Agent along with visualizations presented on the Virtual Agent Overview Dashboard.

Import and export

Concurrent imports: Split incoming data into multiple import sets and transform the import sets concurrently to reduce processing time.; You can partition import sets to maintain the processing order within each partition.
WebSockets: WebSockets are turned on by default. WebSockets connections may be limited by your network configuration. You can check your browser's compatibility by entering the following URL (you do not have to be logged on to an instance): https://yourinstance.service-now.com/$websocket_test.do.

Incident Management

Major incident workbench features

Access on-call escalation details: Access on-call roster and escalation details from the major incident workbench to reach out to a support group.
Make outbound calls from the browser : Make an outbound call from the Workbench UI to the device of the user by populating the sn_major_inc_mgmt.notify_webrtc_number property with a valid notify number that has voice capability.

Associate similar incidents

Associate the current incident to a similar incident or copy resolution notes to the current incident.

Add similar incidents: Find similar incidents to a current major incident so that the support teams can work on the parent record for a coordinated response process.
Similar incidents in contextual search : Use the Similar Incidents additional resource on the Incident form to search for and link similar incidents.

Advanced Work Assignment for Incident plugin

Contextual search

Quick start tests for Incident Management

New mobile app for Incident Management

Access work assigned to you or your group.
Add comments or work notes or reassign incidents.
Receive push notifications for incidents assigned or commented.
Review group workload for incidents by priority and state.
Approve or reject change requests, requests, and requested items.

ServiceNow add-in for Microsoft Outlook

IntegrationHub

Payload Builder step: Enable action designers to easily create name-value pairs in JSON and XML payloads using dynamic data.
SOAP step: Enable action designers to send outbound SOAP web service requests to external systems.
Slack spoke: Use Slack APIs to post messages and manage access to channels. Authorize spoke actions with OAuth tokens. The webhook-based spoke from the previous release has been renamed to the Slack webhooks spoke. Only the new spoke supports Slack APIs and OAuth.
Microsoft SCCM spoke: Automate management of user collections, device collections, and application deployments on a Microsoft System Center Configuration Management (SCCM) server.

Knowledge Management

Guided setup: Follow step-by-step instructions to configure Knowledge Management on your instance. Perform structured configuration activities and monitor your progress.
Ownership groups: Create ownership groups to own knowledge articles and maintain article quality, manage approvals, and ensure the timely resolution of feedback.
Full-sized images: Open an image from a knowledge article on the Knowledge Management Service Portal article view page to view a full-sized image.
Domain enhancement to user criteria diagnostics: Displays whether a user has access to a knowledge article or knowledge base based on their domain.
Facets for glide list field types: Configure facets for glide list field types on the Knowledge Service Portal search results page.
Import a Word document using the platform UI: Create a knowledge article by importing a Word document directly using the platform UI.
Multi-language search facet: Select which languages to display your search results using the language facet in the Knowledge Management Service Portal.
Performance improvements to scripted user criteria: Evaluates user access to knowledge bases once per session if scripted user criteria is defined for a knowledge base. If the script results in changes after a session cache is built, the result takes effect in the next session. Changes to a user's role, groups, company, location, or department take immediate effect.
Extension points for Knowledge Management plugins: Use UI extension points to customize knowledge article headers and footers and article feedback notification emails. Use scripted extension points to customize the article subscription email template.
Quick start tests for Knowledge Management: Validate the continued functionality of Knowledge Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Preview a knowledge article with knowledge blocks: Preview a knowledge article with knowledge blocks by user or, if published, date. For an unpublished article, you can preview the article by user by impersonating different users to see how the article displays or hides block content based on the user criteria set at the knowledge base and knowledge block level. For published articles, you can preview the article by both user and date to see how the article appears in past versions for different users.

MID Server

TrustStore configuration parameters

Sets the path to the trustStore for the MID Server to use and defines the trustStore password for HTTPS connections with the Asynchronous Message Bus (AMB) Client.

mid.https.truststore.path
mid.https.truststore.password

Notifications

Email client configurations

Control how your email client works:

Use email client configurations to manage the behavior of your email client. Each configuration consists of different email controls for setting the allowable email recipients and email addresses and for defining the allowable sender (From) email addresses.
Use the Email Client Template (enhanced for this release) to define the default content for an email client message. The template provides a Sender Configuration tab for specifying how the sender email address (From field) is generated. You can choose from four different configuration methods: SMTP, Select from List, Script, or Text.

Multiple email readers

Notify

Notify-Twilio Direct driver: A new Migrate Now button for one-click migration from the legacy driver to the new Notify-Twilio Direct driver is provided.
Notify Properties module: Updated Notify properties have been added such as phone numbers to send SMS messages or to allow on-call users to directly call people on the rosters from a browser.
Advanced SMS features: Configure bulk SMS messages to reach multiple lists of users with only one API request through the Twilio Notify integration and intelligent SMS handling to send SMS messages using alphanumeric IDs.
Advanced Voice features: Answering Machine Detection (AMD) enables you to determine whether a human or a machine has picked up an outbound voice API call so you can tailor your call flow accordingly.
WebRTC Calls: Make outbound calls from the browser On-Call and MIM Workbench interface.

On-Call Scheduling

User interface for on-call schedules

Review, manage, and correct gaps or conflicts in your on-call schedule from a single view. On-call managers and members can use this interface to view and maintain on-call schedules.

Coverage gaps and conflicts for a shift

Review gaps and conflicts in a shift to ensure proper support coverage. Possible reasons for gaps are:

Time-off without coverage
User has been moved out of the group
User is marked as inactive

A conflict is possible if the same user is assigned as the primary and secondary point of contact for a shift.

Group managers and delegated shift managers can view these gaps and conflicts using any of the following options:

Info icon for a shift in the calendar view of the on-call calendar
Info icon for a shift in the timeline view of the on-call calendar
Info icon for a shift on the On-Call Schedules landing page
Pending Actions section of the On-Call Schedules user interface

Scheduled job for weekly gaps and conflicts report

Send a weekly report of gaps and conflicts in on-call schedules to the respective admin, shift managers, and group managers using the On-Call Gaps Conflicts Report.

Group Preferences module

Use this module to set the following group preferences for your group's on-call shift:

Shift overlap and escalation rule for overlaps
Time-off request approval
Shift managers

Overlapping shifts

Custom escalation policy type and escalation designer

Roster and escalation details

View the roster and escalation details of a group using any of the following options:

Shift cards on the On-Call Schedules landing page.
On-Call section in the Overview tab of the On-Call Schedules user interface.
Summary tab on the Major Incident Management workbench.
UI action on the Incident form.

Deletion or replacement of coverage on the calendar

Use the Delete coverage or Replace coverage UI actions to delete or replace a coverage from the on-call calendar.

Weekday for starting the roster rotation

Escalation in conference calls

On-Call Scheduling properties

Use the On-Call Scheduling > Administration > On-Call Properties module to access commonly used On-Call Scheduling properties that are organized into logical groups.

OnCallRotation

Use the following methods of the OnCallRotation () global API to manage overlapping shifts and custom escalation in on-call schedules:

getPrimaryUsers()
getPrimaryUserByRota()
getPrimaryUserNameByRota()
getEscalateesAt()

Operational Intelligence

Self-health monitoring: Monitor essential Operational Intelligence components and processes, and generate alerts about potential issues. Operational Intelligence uses pre-configured self-health monitors for Event Management which enables you to proactively remediate issues and minimize data loss.
Quick start tests for Operational Intelligence: Validate that Operational Intelligence still works after you make any configuration change such as applying an upgrade or developing an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Performance Analytics

Analytics Hub: The Analytics Hub is the central interface where you assess, compare, and predict the performance of an indicator over time. Set on the indicator record whether that indicator is to be included in the Analytics Hub.
The Analytics Hub replaces the Detailed Scorecard.
New API for dynamic retrieval of analytics in formula indicators: The new methods retrieve calculated values from the Analytics Hub for use inside a formula indicator. The values are retrieved dynamically, as you change your selections in the Analytics Hub. This API simplifies scripting formulas, especially for indexing multiple indicators, getting changes in scores, or filtering particular breakdown and element combinations.
KPI Composer application on ServiceNow Store: KPI Composer ensures that your performance management strategy aligns with business goals and has support from executive sponsors. Use KPI Composer to bridge the gap between defining your performance measurement strategy and the realization of that strategy from within Performance Analytics. Start with your business goals and plan all your components through indicators up to the final dashboards.

Platform security

Instance security center: Monitor the compliance level of instance security controls, view security event monitoring metrics, and configure and maintain instance security settings all from within the Instance Security Center. The Instance Security Center consolidates several key security components into a single control console that helps you detect, protect, and respond to instance-based security events.

Policy and Compliance Management

Quick start tests for GRC: Policy and Compliance Management: Validate the continued functionality of GRC: Policy and Compliance Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Attestation question bank: Compliance managers can add questions or categories from a control attestation to a question bank. Conversely, they can build a control attestation by adding questions and categories from the question bank.

Problem Management

Problem Management Best Practice — Madrid plugin

Problem Management Best Practice — Madrid — State Model plugin

Problem Management Best Practice — Madrid — Knowledge Integration plugin

State management

Manage a problem throughout its life cycle using these states: New, Assess, Root Cause Analysis, Fix in Progress, Resolved, and Closed.

Roles

Work on a problem and manage it through its life cycle with the Problem Co-ordinator [problem_coordinator], Problem Manager [problem_manager], and Problem Admin [problem_admin] roles.
Configure problem management settings and act as a problem coordinator with the Problem Manager [problem_ manager] and Problem Admin [problem_admin] roles.
Manage and delete problems and problem tasks with the Problem Admin [problem_admin] role.

Properties

Use properties to control features such as creating a problem task on a closed problem or re-analyzing a closed or canceled problem.

Business rules

The following business rules have been added for Problem:

Set State variables on Scratchpad
Update fields when Problem is Confirmed
Copy related records to original Problem
Update fields on Problem Closure
Update fields when Problem is Resolved
Raise an event when State changes
Cascade closure of Problem Tasks
Update fields on Re-analyzing a Problem
Sync Workaround fields

The following business rules have been added for Problem Task:

Set state in scratchpad for Problem Task
Check if problem task can be created
Check related Problem Task closure
Update re-assess (reopen) fields
Update Closed fields
Update Started fields
problem_task events

UI policies

The following UI policies have been added for Problem:

Show 'Workaround' when 'Workaround applied' is checked - Modal View
Make Problem State read only
Hide Resolution Code when state is not resolved or closed
Hide Duplicate of when Resolution code is not Duplicate
Hide 'Workaround communicated' and 'Workaround communicated by' fields when they are empty
Hide 'Fix communicated by', 'Fix communicated by' fields when they are empty
Show 'Workaround applied' only when 'Resolution code' is 'Risk Accepted'
Hide Closed By, Closed, and Close notes when Resolution Code is None
Hide 'Last reopened by', 'Last reopened at' fields when they are empty
Make 'Workaround' mandatory when 'Workaround applied' is checked
Hide Subcategory when Category is none
Priority is managed by Data Lookup - set as read-only

The following UI policies have been added for Problem Task:

Hide Other Reason when Cause code is not other
Hide Vendor when Cause code is not Vendor Issue
Hide Close code when State is not Closed

Data policies

The following data policies have been added for Problem:

Make 'Duplicate of' mandatory when 'Resolution code' is 'Duplicate'
Make 'Cause notes' mandatory when State is 'Fix in Progress'
Make 'Fix notes' mandatory when State is 'Fix in Progress'
Make 'Canceled reason' mandatory when Resolution code is 'Canceled'
Make 'Assigned to' mandatory when State is one of 'Assess', 'Root Cause Analysis', 'Fix in Progress', 'Resolved' or 'Closed'
Make 'Risk accepted reason' mandatory when Resolution code is 'Risk Accepted'
Make 'Resolution code' mandatory when State is 'Resolved'
Make 'Resolution code' mandatory when State is 'Closed'

The following data policies have been added for Problem Task:

Assigned to is required when state is one of 'Assess, Work in Progress or Closed' and Close code is not 'Canceled'
Fix notes is required when state is Closed Completed for RCA task
Cause code is required when state is Closed
Close notes is required when state is Closed for General task
Close notes is required when state is closed canceled for rca task
Vendor is required if Cause code is Vendor Issue
Other reason is required when Cause code is Other

Notifications

The following notifications have been added for Problem:

Problem Fixes Closed
Problem Tasks closed

Script includes

The following script includes have been added:

ProblemState
ProblemStateSNC
ProblemStateUtils
ProblemStateUtilsSNC
ProblemTaskState
ProblemTaskStateSNC
ProblemTaskStateUtils
ProblemTaskStateUtilsSNC
ProblemUtilsClientsSNC
ProblemV2Util
ProblemV2UtilSNC

Known Error articles

Use Known Error articles as reference material. The Known Error articles document the root cause and the workaround of the Problem to help with deflecting Incidents.

Contextual search

Communicate outcome

Communicate workarounds and fixes using related links, which notify related incidents that a workaround or fix is available.

Quick start tests for Problem Management

Project Portfolio Management

Rate Model

Resource Management

Derive hourly rates from the rate model during resource plan Request, Confirm, or Allocation stages.
Derive hourly rates for an operational resource plan using the Rate Model field on the operational resource plan form.
Use the com.snc.resource_management.plan.auto_async_threshold resource property to set the maximum number of daily resource allocation records that should be considered in synchronous mode during confirmation and allocation. The property improves the system performance when the number of allocation daily records is more than the value set in the property.
Use the com.snc.resource_management.plan.max_duration resource property to restrict the maximum number of days for which a resource plan can be created.

PMO Dashboard

Use the PMO dashboard to view trends of historical data as well as regular reports for your portfolios, programs, and projects. The dashboard is not available in Teamspaces.

Investment Portal

View the details of a demand from the demands list in the Timeline tab.
Open a project in the Planning tab in the Project Workspace from the projects list in the Timeline tab.
View the details of a cost plan from the cost plans list in the Financials tab.
Configure the default list of active investment widgets included on the new boards and on the existing boards that do not have widget selection configured.

Project Management

Associate a rate model with a project to derive hourly rates for the resource plans and time cards associated with the project.
Compare financial baselines to see the differences in the financials of a project between the two baselines.
Change the planned start date of a project using the Move project feature from the Planning Console or Project form.
When importing a Microsoft Project file into a project with subprojects on the ServiceNow instance:
- The WBS order of imported tasks is regenerated after import.
- The Planned Start Date and Planned End Date of the parent project are rolled up.
- The State of the parent project and tasks are rolled up.
- The % Complete on the top task is rolled up.
To view the project name of an external dependency, point to the link icon () in the Planning Console.

Demand Management

Associate a rate model with a demand to derive hourly rates for the resource plans associated with the demand.
Compare financial baselines to see the differences in the financials of a demand between the two baselines.
Define the business investment for a demand using the Investment Class and Investment Type fields in the Demand form.
Trigger a notification email to the portfolio stakeholders when an assessment is sent to them by moving a demand to Screening.

Quick start tests for Project Portfolio Management

Reporting

Quick start tests for Reporting: Validate the continued functionality of Reporting after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.

Risk Management

Quick start tests for GRC: Risk Management: Validate the continued functionality of GRC: Risk Management after any configuration change such as an upgrade or after developing an application. All test suites and tests should pass on a default implementation. To validate a custom implementation, copy the automated tests and configure them for your customizations.
Risk assessment question bank: Risk Managers can add questions or categories from a risk assessment to a question bank. Conversely, they can build a risk assessment by adding questions and categories from the question bank. Risk managers can copy the whole risk assessment.
Continuous monitoring for vulnerabilities with public exploits affecting critical business services: Through integration with Vulnerability Response, risk administrators, managers, or users can monitor critical vulnerabilities through indicators, which enables them to observe the effect on risk posture.

Scaled Agile Framework (SAFe)

Portfolio SAFe

Use Portfolio SAFe to align your organizational goals and strategies with your portfolios, and apply lean and agile principles to manage and deliver the portfolio work.

Portfolio SAFe works at three levels for portfolio managers, product managers, and team members.

At the Portfolio level, portfolio managers can capture and prioritize epics in a centralized backlog, and monitor the progress of epics in a visual task board.

At the Agile Release Train (ART) level, product managers can capture, prioritize, and monitor features that are broken out from epics.

At the Team level, team members can implement stories that are broken out from features.

Bulk actions

For more information on performing bulk actions:

On the ART backlog, see Manage your ART backlog.
On the Team backlog, see Manage your team backlog.

Quick start tests for Essential SAFe

Performance Analytics Content Pack for Essential SAFe

Security Incident Response

Features available from the ServiceNow Store:

Enhancements to User Reported Phishing

This release includes significant enhancements to the existing User Reported Phishing functionality. You can:

Aggregate duplicate or similar user reported phishing submissions to a single incident and consolidate incident response actions.
Extract email headers from .eml attachments or the body of the email.
Display email headers in a Related List in the security incident record.
Report phishing emails through the service catalog.
Configure how the email header information is extracted from the email body. You can choose to:
- Extract all email headers or select some of them.
- Aggregate similar email submissions as child security incidents to an existing parent security incident.
- Specify the order in which the email ingestion rules are applied.

Splunk Enterprise Security Event Ingestion for Security Operations

Security Incident Response

Setup Assistant is part of the Security Incident Response plugin available in the ServiceNow Store

Sighting Search for Phishing and Malware Response

Flow Designer and Actions for Incident Response playbooks

Performance Analytics SOC Efficiency dashboard

View metrics that help measure the individual performance of the security analysts.
Measure the overall response time of the SOC in addressing valid security incidents.
View risk scores to assess the amount of risk reduced through incident response actions.
Get better insight into the incident analysis stage to analyze bottlenecks in the incident response procedures.

Malware playbook flow template

Service Catalog

Multiple catalog support in Service Portal

Enable requesters to browse and search for items across multiple catalogs by adding these catalogs to the Catalogs related list when configuring a portal.

Portal settings

Define the catalog item behavior in Service Portal using portal settings. You can configure the following settings for a requester:

Request method.
Display of the quantity and delivery time of the item.
Options to add an attachment to the item, or make the attachment mandatory.
Options to add the item to the wish list or cart.

When you upgrade to Madrid, if the No cart or No quantity fields are already selected in the Now Platform®, a migration script propagates these settings to the portal settings.

My Requests menu in Service Portal

Service Catalog enhancements for Automated Test Framework

Write automated end-to-end tests for requester flows to validate the following for Service Catalog:
- Order guide in Service Portal.
- Multi-row variable sets of a catalog item in Service Portal.
- Variable editor in the Now Platform®.
Note: When you upgrade or modify an instance, run these tests to confirm that the instance still works as designed.
All Service Catalog step configurations support parametrized tests.

Mobile experience for a fulfiller

Approve catalog requests, requested items, or change requests using the ServiceNow Agent application.

User Criteria Diagnostics

Debug whether a user can access a catalog item based on the associated user criteria and fix issues without contacting ServiceNow Technical Support.

Regular expressions for variable validations

Use a regular expression (regex) to validate the value that is entered for a Single Line Text or Wide Single Line Text variable.

Request cloning in Service Portal

Clone a submitted request by selecting multiple users in the Also request for list of the Additional Actions section.

Embedded catalog approval request within the Outlook email client

Enhanced scoping support

Reference any request item variable from a script in a scoped environment.

Response parameters for methods in Service Catalog REST API

Use the parent_id and parent_table parameters that are added in the response body of the following methods:

checkout
checkout_guide
submit_order
submit_producer
order_now

Service Level Management

SLA offline support: Provides support for accurate SLA timing for tasks updated from the ServiceNow mobile client while offline. Field service agents sometimes work offline at customer locations, and updates to their tasks are cached on their mobile devices. The data can be synchronized and repaired as needed when the field service agent is back online.
Maximum allowed duration for SLAs: In the Maximum duration allowed in SLA Definition (com.snc.sla.maximum_duration) property, specify the maximum time that an SLA can run. The default is 1095 days (3 years).

Service Mapping

Support for huge payloads: Attention: The method used by the MID Server to prevent out-of-memory errors when handling very large payloads did not perform as well as anticipated. These controls were removed from Madrid Patch 1 for additional development and will be restored later.
Configure the MID Server to temporarily save data used during pattern-based discovery in files on the MID Server instead of in random-access memory (RAM). Once Discovery and Service Mapping finish discovering and identifying the configuration items (CIs), the data used for discovery is saved from the MID Server.
Quick start tests for Service Mapping: Validate that Service Mapping still works after you make any configuration change such as apply an upgrade or develop an application. Copy and customize these quick start tests to pass when using your instance-specific data.

Service Portal

Error messages appear for invalid TinyMCE property configurations: View an error message when you enter an invalid entry for TinyMCE toolbars, fonts, and font families.
Use multifactor authentication with Service Portal: Configure your instance to support multifactor authentication for login in Service Portal. If you configure your instance to require multifactor authentication, your users are automatically directed to set up multifactor authentication upon initial login. For setup instructions, see Set up multifactor authentication upon initial login. If multifactor authentication is optional on your instance, your users can still enable or disable authentication from their user profile.
Use date picker with screenreader and keyboard: Access date picker in Service Portal via screen reader, mobile screen reader, mouse and keyboard, and touch devices.
Activate La Jolla theme branding: Activate the Service Portal La Jolla brand to apply the latest ServiceNow branding, which meets WCAG-AA standard for color contrast. This plugin is active by default on new instances, but you must activate the plugin on instances that are upgraded from earlier versions.
Performance Analytics Content Pack for Service Portal: The Performance Analytics Content Pack for Service Portal enables service delivery executives to improve user engagement with your organization's portals by tracking the usage of portals in preconfigured indicators and data visualizations. For details on system requirements, view the application listing on the ServiceNow Store website.

Service Portfolio Management

Service Level Management: Service Level Agreement (SLA) commitment support functionality is added to Service Portfolio Management by integrating with ServiceNow® Service Level Management.

Software Asset Management

SAP publisher pack

Use the SAP publisher pack to identify user access and named user assignments in a SAP environment to compare against signed SAP contracts. Identify non-compliant scenarios for named user licensing and optimize named user assignments based on user attributes.
SAP dashboard using Performance Analytics is activated with this publisher pack to forecast compliance and consumption.

License Workbench

Use the License Workbench to view reconciliation results for a given publisher from a single location to remediate compliance without clicking through the hierarchy of results.

Normalization and Content Service dashboard

Use the Normalization and Content Service dashboard to see current normalization rates and health of the content service in one view.

Reclamation by software last-used date

Identify and reclaim unused software using the last-used (activity) date as a proxy for usage metering data. The software last-used date can be collected using SCCM 2016 or SCCM 2012.

Quick tests for Software Asset Management

Subscription Management

Support for platform subscriptions that include custom table entitlements: Use the Subscriptions module to allocate custom tables that are created in a production instance against custom table entitlements in certain subscriptions. A usage administrator allocates custom tables only if a subscription contains custom table entitlements.

System Clone

Admins can roll back a clone: Roll back clones for up to seven days from the date a cloning completes.

Test Management 2.0

Test Board

Track, manage, and complete your testing activities from an intuitive user interface called the Test Board.

Aggregate all your test plans and view them as cards in a single location. At a glance, you can review key details of your test plans, such as start date, end date, and percentage of tests that have passed and failed.
Create a test plan in the Test Board, and structure the test plan in the Planning tab. The Planning tab is built from the Test plan work item hierarchy and Gantt chart components.
Break down the test plan into phases to precisely plan what must be tested and when.

Standalone test execution suite

Quick start tests for Test Management 2.0

Threat Intelligence

Threat Intelligence: You no longer need to wait for the platform family release of Threat Intelligence to enjoy new features, updates, and fixes. The latest version of Threat Intelligence is published in the ServiceNow Store and available for download.
Threat Intelligence Integrations: The latest versions of third-party malware-detection software packages that integrate with Threat Intelligence are now available for download on the ServiceNow Store.

Time Card

Reject a time sheet: Use the Reject button on the Time Sheet Portal to reject a time sheet. Pre-Madrid, the Reject button was available only on the Time Sheet form.

Trusted Security Circles

Trusted Security Circles: You no longer need to wait for the platform family release of Trusted Security Circles to enjoy new features, updates, and fixes. The latest version of Trusted Security Circles is published in the ServiceNow Store and available for download.

Themes

Select from two new themes in the system settings window. The cobalt and cobalt contrast UI themes use the same styles as the previous UI.

Theme previews (under System Settings > Themes) have been updated so that the colors are determined by three configurable variables. The following variables provide the colors for the theme preview.

$navpage-header-bg
$navpage-header-color
$nav-highlight-bar-active

For more information on customizing a theme, see Create or customize a theme.

Base theme property

La Jolla: The default base system theme. The properties for this theme are consistent with the new branding.
Cobalt: The properties for this theme match the previous branding.

Keyboard shortcut preferences

Determine which keyboard shortcuts are available to users from the list of user preferences.

Vendor Risk Management

Vendor assessment resubmission process: Vendor risk managers or assessors can return assessments to vendors with comments explaining the need for further information. Vendors can resubmit the requested responses and also communicate with the vendor risk manager through comments in the Notes and Comments section under a Questionnaire or Document Request. This real-time communication provides an easier and more timely resubmission of the assessment.
Issue creation based on response: Using issue generation rules, issues can be created automatically when a vendor selects the incorrect answer. Vendor risk managers can also create issues manually during review of the vendor response.
Vendor risk assessment question bank: Vendor risk managers can add questions or categories from a questionnaire, document request, or tiering questionnaire to a question bank. Reversely, they can build a questionnaire, document request, or tiering questionnaire by adding questions and categories from the question bank. Vendor risk managers can copy the whole questionnaire, document request, or tiering questionnaire.

Virtual Agent

Messaging integration with Workplace by Facebook

No-code topic authoring in Virtual Agent Designer

Use no-code controls during conversation design instead of using JavaScript for:

ServiceNow (GlideRecord) queries
ServiceNow (GlideRecord) inserts and updates
Dynamic display logic
Decision branching logic

Virtual Agent Overview dashboard

Vulnerability Response

Features available from the ServiceNow Store

Enhanced Change management for Vulnerability Response

Create pre-populated change requests of varying types (emergency, standard, or normal).
Associate vulnerability groups to existing change requests.
Split large vulnerability groups into manageable chunks.
Resolve vulnerability groups automatically after change requests are implemented using automated state synchronization.

Software exposure assessment using Software Asset Management (SAM)

Vulnerability Solution Management

Available as a separate subscription within Vulnerability Response, Vulnerability Solution Management contains the Microsoft Security Response Center Solution Integration.

Preferred Solution values can be set on the vulnerable item or the vulnerability. When set on the vulnerability, all vulnerable items associated with the vulnerability inherit that solution.

Common Vulnerability Exposure (CVE) vulnerabilities with long summaries can cause excessive cell heights in the vulnerability list view on solution records.

Risk Score calculator enhancements

The Default Risk Calculator and Vulnerability Severity calculators are shipped with the base system.

Vulnerability Calculators have replaced Vulnerability Calculator Groups for calculating the base Risk Score.

for remediation specialists Remediation Owner Role for remediation specialists for remediation specialists

Vulnerability Response

Setup Assistant is part of the Vulnerability Response application available in the ServiceNow Store

Vulnerability Response overview homepage

Version 7.0: The Vulnerability Response Overview homepage has become a responsive dashboard.

Performance Analytics - Content Pack - Vulnerability Response

Exploit enrichment

Version 7.0: Exploit information imported from third-party integrations has been added to vulnerability entries. Use exploit information to prioritize which vulnerabilities to address first.

CVSSv3 support

Vulnerability Assignment Rules

Version 7.0: You can define the assignment rules at the vulnerable item level. These assignment rules apply to the group rules by default, and group vulnerabilities by assignment group.

Vulnerable Item Risk Rating

Version 7.0: A new Risk Rating field on vulnerable item breaks the existing 0-100 risk score tiers into five tiers (Critical, High, Medium, Low, and None) for easier reporting and prioritization.

Normalized Severity

Updated default form and list views

ACLs were updated to ensure that fields that should not be modified are marked read-only.

New in existing integrations

Rapid7 Vulnerability Integration

Version 9.0: Manually create sites for Rapid7 InsightVM to use with site filtering in Vulnerability Response.

Version 9.0: Rapid7 InsightVM Host Tags become available for use in the Condition filter across Vulnerability Response. For example in Assignment Rules, Remediation Target Rules and so on.

Version 9.0: Filter using Rapid7 Sites and CVSS data.

Note: Rapid7 has a volume limitation on the use of the Site filter. If total assets are 10,000 or more, it sends a 500 internal server error. Rapid7 is tracking this issue in support ticket EA-3945.

Version 7.1: Adds exploit data import for both the Data Warehouse and InsightVM integration types.

Note: To migrate from the Rapid7 Nexpose vulnerability integration see KB0743164.

Qualys Vulnerability Integration

Version 8.0: Populates Preferred Solution for vulnerable items with the same Preferred Solution as its vulnerability.

Version 8.0: Creates National Vulnerability Database (NVD) records for Qualys KnowledgBase imports by default.

Version 8.0: The latest version of Qualys Vulnerability Integration is published in the ServiceNow Store and available for download.

Tenable for Vulnerability Response v2.x

Note:

When Tenable for Vulnerability Response v2.x vulnerabilities are imported before their corresponding National Vulnerability Database (NVD) entries, those vulnerabilities are not associated with the NVD vulnerabilities later. Ensure that NVD imports are up to date, and periodically reimport the Tenable for Vulnerability Responsev2.x vulnerabilities.
Tenable for Vulnerability Responsev2.x doesn't currently support Normalized severity.
Tenable for Vulnerability Responsev2.x populates exploit information in the Tenable for Vulnerability Response Additional Findings fields.

New integrations

Microsoft Security Response Center Solution Integration

Shodan Exploit Integration

Version 7.0: Shodan Exploit Integration imports exploit information that helps you prioritize the vulnerabilities in your environment based on risk.

This integration enables exploit information enrichment that helps you understand the following exploitability metrics to prioritize the remediation of vulnerabilities:

Is there any exploit associated with the vulnerability?
What skill level is required to exploit the vulnerability based on the exploit code rank?
What is the exploit attack vector? Can the vulnerability be remotely exploited?

Quick start tests for Vulnerability Response

Walk-up Experience

Agent Workspace for Walk-up Experience fulfillers

Access a personal inbox where interactions are automatically pushed for assignment based on schedules and rule configurations in the Advanced Work Assignment feature.
Open an incident or request consumables directly from an interaction.
Consume assets directly from an associated stockroom.
Access relevant knowledge base information.
Display the ability to accept walk-up interactions via an availability toggle.
Enable channels other than Walk-up, such as Chat or traditional Incident Management, to remain productive when the walk-up queue is not busy.

Walk-up appointment scheduling

Schedule appointments online or onsite to receive IT support at a walk-up queue location. You can cancel an appointment, as well as reschedule an existing appointment. Scheduling places you at the head of the queue at your appointment time.
View upcoming appointments scheduled for a walk-up queue. Managers and technicians can view appointments to best plan for interaction demand. Appointments can be viewed in platform view or in Agent Workspace.
Receive a reminder notification for an upcoming scheduled appointment 15 minutes prior to the appointment.
Configure custom appointment scheduling by location.

Walk-up queue length notification

Walk-up support when a queue is closed

Tables

Use the Walk-up Appointment [wu_appointment] table to configure scheduled appointments.

Walk-up service channel

Use the Walk-up service channel to route walk-up interactions. Work items originate from the Advanced Work Assignment feature. Configure the channel to meet your needs. The Walk-up service channel includes a default assignment inbox layout. Inbox capacity represents the number of walk-up interactions a technician can work on concurrently. By default, the capacity is set to 1.
Configure the Service channel field on the Walk-up Location Queue form to specify Walk-up channel.
Route work items to the correct queue location by specifying the Walk-up service channel in the Queue [awa_queue] table.

Web services

Added support for sysparm_query_no_domain in Table API

The Table API supports the sysparm_query_no_domain parameter:

false (default): Exclude the record if it is in a domain that the currently logged in user is not configured to access.
true: Include the record even if it is in a domain that the currently logged in user is not configured to access.

Note: The sysparm_query_no_domain parameter is available only to system administrators or users who have the query_no_domain_table_api role.

RESTMessageV2 and SOAPMessageV2 API timeout

How search works:

Topics are ranked in search results by how closely they match your search terms

New features and products in Madrid

New features and products in Madrid

On this page

New features and products in Madrid

New features and products in Madrid

Log in to personalize your search results and subscribe to topics