ReversingLabs Integration with ServiceNow

ServiceNow manages SBOMs, but many vendors don’t provide them. Spectra Assure® generates SBOMs from binaries and fills the gaps in ServiceNow’s SBOM ecosystem.

service now logo white text

Populate the ServiceNow platform with an SBOM generated from Spectra Assure

Managing software supply chain risk in the ServiceNow Now Platform

Want things automated?

Try using our APIs.

Spectra Assure and ServiceNow have REST APIs that can be leveraged to automate this SBOM generation & ingestion workflow. See below links for API documentation:

Download SBOM from Spectra Assure: Read here
Upload SBOM to ServiceNow: Read here

Available RL Use Cases With SBOM Workspace

alerts on Now platform

Custom Alerting Rules

Within the Now Platform, users can create custom Application Vulnerable Items (AVI) rules that highlight an issue if certain conditions are met. For example, a custom rule to detect the Log4Shell vulnerability identified within any of the SBOMs being examined. For each AVI identified, a ticket is created to facilitate remediation actions, responsible owner, status tracking, risk reporting, etc.

BOM entity analysis

SBOM Inspection

All uploaded SBOMs are categorized as a “BOM Entity” (comparable to “Software Version” in Spectra Assure). By selecting a BOM Entity, users can view all components and dependencies that make up a software version, including their corresponding vulnerabilities. Within an SBOM, additional information will be displayed at the component level to support the investigation, such as the number of component versions behind the latest release and what other BOM entities rely on that component.

software components summary

Component Summary

Using the components tab, users can view a summary of all software components uploaded. ServiceNow enriches these components with additional intelligence for consideration, such as if any of the components detected are stale (> 2 major versions behind the latest) or abandoned (latest component version > 2 years old).

summary screen dashboard

SBOM Entity Summary

On the Home tab, users can view a summary of all software versions (e.g. BOM entities) uploaded and how many AVIs have been identified across the entire software ecosystem.

Learn more about ReversingLabs’ integration capabilities.

Awards

list of award icons won by RL in 2024 and 2025

Back to Top