The Instance Security Hardening Settings content contains detailed descriptions and compliance values for the security-related system properties and plugins in the Now Platform. You can set most of these properties in the Hardening Compliance Configuration page in the Instance Security Center.

Important:

Instance Security Center (ISC) has reached the end of sales as of September 2024, and is no longer supported or available for new activation.

ServiceNow Security Center (SSC) is the recommended solution going forward. For more information, see Instance Security Center to ServiceNow Security Center migration.

Overview and purpose

The Instance Security Center calculates a Daily Compliance Score, expressed as a percentage. It is based on how compliant your current instance security settings are with the compliance values in Instance Security Hardening Settings.

Using its Hardening Compliance Configuration page, you can manage the specific security configuration settings that may affect the score for your instance. To learn more about ensuring your instances meet hardening requirements, see:

Consult the Instance Security Hardening Settings whenever you set or update security-related properties, even if some of the compliance values may not be suitable for your instance. When you are updating these properties, ensure that the instance continues to behave as expected. Consult with the appropriate internal personnel who have the expertise to determine the security impacts.

Other resources

For user reference, the Now Platform maintains extensive configuration capabilities information in the product documentation. You access most of the security content using the links found in Secure your instance. Also, see the following:

Instance security hardening tables

Security configurations table

Records in the Security Configurations [isc_security_configurations] table contain the details of a security configuration. Within a record you can find the description of a configuration, its compliance state and other important details.

Use the security configurations record to see all the properties and dependencies you need to configure to make your configuration compliant in one place.

Within the security configurations record you can see the related security dependency and dependency groups records associated with this configuration.

Security dependencies table
Records on the security dependencies [isc_security_dependencies] table define the inbound criteria and outbound criteria, as well as a recommended type. This type defines how the dependency displays in the instance security center.
Dependency groups table
Use records on the dependency groups [isc_dependency_groups] table to group multiple dependencies together. All the dependencies in a group must be compliant in order for the group to be considered compliant.