4
2.1.13
Australia, Zurich, Yokohama
Integration
Application Enforcer for ServiceNow, enables enterprises to configure, administer, enforce, and audit ServiceNow data authorization policies from a central location.
- Attribute-Based Access Control (ABAC): Control access to data, business transactions, and batch processes based on policies that examine attributes of the data being accessed, the context of the request, and the user's identity.
- Centralized Policy Management: Centrally manage and review authorization policies across all your applications and services.
- Dynamic Runtime Policy Enforcement: Performs evaluations dynamically using the real-time value of the attributes specified in the policies to determine if a user is authorized to access the data at runtime or perform the business transaction in question.
- Granular Data Filtering: Users can only view requests, incidents, or other data they have been granted access to.
- Safeguarding of Business Transactions: Users can be given the permission to view a set of accounts and other entities while being authorized to edit, create, and delete a subset of these records.
- Enforcement of Segregation of Duties: Prevent segregation of duties (SoD) and other compliance violations in real-time across all ServiceNow applications.
- Centralized Audit and Monitoring: Tracks user activities and data access across all ServiceNow applications in a central audit server, simplifying compliance management.
New Features
- Added two new masking types: Random Tokenization and Deterministic Tokenization.
- Support masking reference-type columns via dot-walk fields (e.g., cmdb_ci_hardware.name) in mask_field parameter.
- Introduced configurable masking fallback URI block list; all data blocked by default when accessing enforced tables via mask obligation in workspace.
Updates
- Updated default value of cloudaz_application_url.
Known Issues
- Record Follow and notification functions do not support field masking.
- ACLs and Business Rules using enforcement core with Advanced mode enabled require manual creation.
No.
Other Requirements:Application Enforcer for ServiceNow is integrated with NextLabs CloudAz, a centralized policy management platform in the cloud.