Instance Security Center to ServiceNow Security Center migration

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Instance Security Center to ServiceNow Security Center migration

    ServiceNow is transitioning customers from the legacy Instance Security Center (ISC), which will reach end of sales by September 2024, to the enhanced ServiceNow Security Center (SSC). SSC offers a modernized security application with purpose-built tools that help organizations improve their ServiceNow deployment security, compliance, and user experience.

    Show full answer Show less

    This migration guide highlights the key functional differences between ISC and SSC, helping customers understand how to perform their existing security management tasks within SSC’s improved framework.

    Key Features

    • Security Hardening: SSC allows customers to review and manually update compliance scores more intuitively via Overview and Hardening pages. Configuration edits are streamlined through direct links on multiple pages. Compliance score recalculation can be scheduled using the Scheduled Script Executions table, enabling automated refreshes aligned with organizational needs.
    • Security KPIs and Metrics: SSC consolidates KPI and metric monitoring into a single interface with advanced analytics. Over 65 new metrics have been added, and users can now track score trends over time and set targets or thresholds for metrics, enhancing proactive security management.
    • Security Scanner: SSC introduces new capabilities including the manual or scheduled execution of scans, creation of custom scan checks and suites, and comparison of scan results. Email notifications can be configured for security events, improving timely awareness and response.
    • Additional Security Features: Session monitoring is enhanced with visualization through the Analytics Hub and accessible session activity tracking under Metrics. All learning resources are centralized in a single page for easier access, supporting user education and adoption.

    User Interaction Updates

    • SSC provides simplified navigation for security tasks such as running scans, viewing results, and managing metrics.
    • Configuration and settings updates are more accessible from multiple locations within the application.
    • Email notifications and scheduling features allow for automated and proactive security operations.

    Practical Implications for ServiceNow Customers

    ServiceNow customers currently using ISC should plan to migrate to SSC to leverage its enhanced security capabilities, automation options, and improved user experience. SSC supports better compliance management through automated scheduling and richer metric tracking, enabling more effective security posture monitoring.

    Customers can customize scans and alerts to fit their environment and use consolidated dashboards to analyze security trends and KPIs efficiently. The migration ensures continued security support beyond ISC’s end of sales date while providing modernized tools to address evolving security requirements.

    Next Steps

    • Review current ISC configurations and identify equivalent SSC features for continuity.
    • Set up SSC’s scheduled compliance score recalculations and email notifications for proactive monitoring.
    • Explore SSC’s new metrics and scan customization capabilities to enhance security oversight.
    • Access SSC learning resources to facilitate team training and smooth transition.
    • If necessary, follow guidance to disable ISC components while maintaining SSC functionality.

    Learn the key differences when migrating from Instance Security Center (ISC) to ServiceNow Security Center (SSC).

    Important:

    Instance Security Center is a legacy product that will reach the end of sales by September 2024. ServiceNow Security Center is the recommended solution for customers to adopt going forward. For more information, see the deprecation process article (KB0867184) in the Now Support knowledge base.

    ServiceNow Security Center (SSC) is a security application that consists of a set of purpose-built tools designed to help organizations maintain the security of their ServiceNow deployments. Using SSC, organizations can improve their security posture, strengthen their compliance levels, and do so with a seamless user experience.

    Use this document to learn about SSC enhancements in functionality and how to execute tasks in SSC that were previously done in ISC.

    Security hardening

    Feature enhancements ISC vs SSC
    User interaction updates
    • Review latest score by navigating to the Overview or hardening comparison page.
    • Manually update latest score by navigating to Overview and selecting update score.
    • Change setting configuration by selecting a setting name link on any of these pages and then make edits on the Settings detail page:
      • Overview
      • Hardening > All settings
      • Hardening > Comparison
    Set a schedule for to recalculate your compliance score Using SSC, you can set when the system triggers a refresh of your compliance score.
    1. Navigate to the Scheduled Script Executions [sysauto_script] table.
    2. Find and open the SC - Calculate Compliance Monthly record.
    3. Use the Run, Day, Time zone, and Time fields to set your preferred schedule. Fields used to configure compliance calculation schedule
    4. Select Update to save your changes.

    Security KPIs and metrics

    Feature enhancements ISC vs SSC
    Enhancements to KPIs Using SSC, you can:
    • See the trend of the score over time.
    • Monitor all KPIs and metrics using the same interface and analytical capabilities.
    Enhancements to metrics SSC includes these metrics enhancements:
    • Over 65 metrics have been added.
    • Monitor and analyze KPIs and metrics from a single user interface.
    • Create targets and thresholds for metrics.
    User interaction updates Access Metrics in SSC by navigating to Overview > Metrics, and then selecting metric from the navigation menu. Alternatively, you can navigate to All metrics.

    Security scanner

    Feature enhancements ISC vs SSC
    New functionality SSC includes these functions:
    • Manually execute scans or schedule them to run at specific times.
    • Create your own scan checks.
    • Create your own scan suite.
    • Compare the results of two scans.
    Enhanced email functionality Set up email notifications to stay informed about security events on your instance.
    User interaction updates
    • Run the Auditor scan by navigating to Overview > Scan > Suites and selecting Auditor suite from the list.
    • See scan results by navigating to Overview > Scan > Results.

    Additional security features

    Feature enhancements ISC vs SSC
    Monitor sessions functionality
    • Visualize session activities using the Analytics Hub.
    • Monitor session activity by navigating to Metrics > Sessions.
    Find resources Access all learning resources in a single page at Overview > Learning.

    Opt out of Security Center features

    To disable Security Center features on your instance, follow the steps provided in KB1702514: Guidelines to disable Instance Security Center components (while using Security Center).