Guide

Configuring ServiceNow Bidirectional Sync

2 min read

Get the document

Tell us where to send it. The PDF lands in your inbox in under a minute.

About

About this guide

From encrypted connector credentials to a closed loop: impact and urgency mapping, change requests, the inbound webhook receiver, the five-minute poller, and SLA visibility.

This guide walks you through standing up a ServiceNow ITSM integration whose credentials are encrypted at rest and verified with an inline connection test before any finding is escalated. You will map PMAP severity to ServiceNow impact, urgency, and category so incidents are raised with the correct values automatically. The result is a bidirectional sync where vendor-side state changes flow back to the PMAP finding without per-finding clicks.

Configuring ServiceNow Bidirectional Sync
The org-wide Tickets workbench: every ServiceNow incident linked to a finding, with status, ticket reference, integration, SLA, and re-sync controls in one filterable view.

It is written for security and ITSM owners who need findings and tickets to stay in step. By the end you will be able to create an incident from a single finding, raise a change_request when remediation needs change management, wire and verify the inbound webhook receiver, and rely on the five-minute TicketPoller as a reconciliation safety net while reading vendor-side SLA in the Tickets workbench.

Inside this guide

  • Create the ServiceNow integration record and confirm credentials are encrypted at rest.
  • Test the connection and check the connector account permissions.
  • Map severity to impact, urgency, and category, then add status-to-status mapping rules.
  • Dry-run the mapping before you commit and create an incident from a finding.
  • Raise a change_request when remediation needs change management.
  • Wire and verify the inbound webhook receiver with token verification.
  • Rely on the poller and re-sync, read SLA, and escalate at scale with bulk creation and presets.

Before you start

  • A PMAP account permitted to create and update integration records, since integration writes are auth-protected.
  • A ServiceNow account for the connector with permission to read and write the incident and change_request tables, plus the sys_choice values you intend to map.
  • The PMAP instance reachable from the ServiceNow network if you plan to use webhook auto-setup, since an on-premise instance behind a firewall registers the webhook manually instead.
  • At least one completed scan import in PMAP so the Findings queue holds real findings to escalate into ServiceNow.
  • Your organization’s severity policy, so you know which PMAP severity should map to which ServiceNow impact, urgency, and category.

All resources

Keep exploring

Related resources

See it live

Ready to see PMAP in action?

Talk to our team or jump straight into a guided tour of the platform.

We use your email only to set up your guided tour. No marketing drip, no third-party tracking.