The Symantec DLP integration supports the ingestion of Data Loss Prevention Incident Response incidents created on the Symantec Data Loss Prevention Incident Response deployment. After ingestion, you can use the incident management functionalities to remediate the DLP incidents.

Request apps on the Store

Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Overview and key features

The Symantec DLP integration helps companies to track the usage and movement of sensitive data on various platforms.

This integration includes the following key features:
  • Ability to create multiple integration profiles for different Symantec API endpoints.
  • Scheduled ingestion of DLP incidents from Symantec into your ServiceNow instance.
  • Ability to apply API filters to retrieve the incidents that match the filter criteria and also specify the filter for Symantec DLP incidents that are required to be imported.
  • Ability to store the evidence file internally in the ServiceNow instance.
  • Ability to map the DLP incident states in your ServiceNow instance to DLP incident states in Symantec.
  • Automatically update incident status in Symantec when the state changes in your ServiceNow instance.
  • Ability to customize and define the severity mapping between Symantec DLP incidents with ServiceNow incidents.
  • Ability to download the evidence file for Symantec incidents from directly Symantec server or from internal ServiceNow storage.
  • Supports smart response rules from ServiceNow.

To learn more about the integration, see the Symantec product documentation.