ServiceNow CMDB Ingest For Identity Protection sample Foundry app

The ServiceNow CMDB Ingest For Identity Protection sample Foundry app is a community-driven, open source project which serves as an example of an app which can be built using CrowdStrike's Foundry ecosystem. foundry-sample-servicenow-idp is an open source project, not a CrowdStrike product. As such, it carries no formal support, expressed or implied.

This app is one of several App Templates included in Foundry that you can use to jumpstart your development. It comes complete with a set of preconfigured capabilities aligned to its business purpose. Deploy this app from the Templates page with a single click in the Foundry UI, or create an app from this template using the CLI.

[!IMPORTANT]
To view documentation and deploy this sample app, you need access to the Falcon console.

Description

This app integrates CrowdStrike’s Identity Protection (IDP) with ServiceNow’s Configuration Management Database (CMDB) to automatically manage access policies. The application bridges the gap between ServiceNow access approvals and IDP policy enforcement, eliminating manual synchronization processes. It ensures users can only access servers and applications they are explicitly authorized to access through ServiceNow requests, effectively preventing lateral movement within the network.

Target users include organizations that use both CrowdStrike IDP and ServiceNow CMDB for access management, particularly those concerned with maintaining strict access controls while streamlining administrative workflows

Prerequisites

• The Foundry CLI (instructions below).
• Python 3.13+ (needed if modifying the app's functions). See Python For Beginners for installation instructions.

Install the Foundry CLI

You can install the Foundry CLI with Scoop on Windows or Homebrew on Linux/macOS.

Windows:

Install Scoop. Then, add the Foundry CLI bucket and install the Foundry CLI.

shell scoop bucket add foundry https://github.com/crowdstrike/scoop-foundry-cli.git scoop install foundry

Or, you can download the latest Windows zip file, expand it, and add the install directory to your PATH environment variable.

Linux and macOS:

Install Homebrew. Then, add the Foundry CLI repository to the list of formulae that Homebrew uses and install the CLI:

shell brew tap crowdstrike/foundry-cli brew install crowdstrike/foundry-cli/foundry

Run foundry version to verify it's installed correctly.

Getting Started

Clone this sample to your local system, or download as a zip file and import it into Foundry.

shell git clone https://github.com/CrowdStrike/foundry-sample-servicenow-idp cd foundry-sample-servicenow-idp

Log in to Foundry:

shell foundry login

Select the following permissions:

• [ ] Create and run RTR scripts
• [x] Create, execute and test workflow templates
• [x] Create, run and view API integrations
• [ ] Create, edit, delete, and list queries

Deploy the app:

shell foundry apps deploy

[!TIP] If you get an error that the name already exists, change the name to something unique to your CID in manifest.yml.

Once the deployment has finished, you can release the app:

shell foundry apps release

Next, go to Foundry > App catalog, find your app, and install it. Go to Fusion SOAR > Workflows to see the scheduled workflow from this app.

About this sample app

Refer the app docs

Foundry resources

• Foundry documentation: US-1 | US-2 | EU
• Foundry learning resources: US-1 | US-2 | EU

WE STOP BREACHES