Integrations / ServiceNow

ServiceNow

Automate change management with the seamless integration between ServiceNow’s DevOps Change Velocity (DCV) and JFrog AppTrust. The ServiceNow and JFrog integration helps organizationsRead More >

enforce evidence-based policies to business applications, driving toward auditable enterprise governance and compliance workflows. Read Less >

Start Free Book a Demo

ServiceNow Evidence Integration Features

Automated Change Requests

Whenever you promote a new application version to a pending approval stage in JFrog AppTrust, the system automatically generates a change request in ServiceNow. This request is populated with key details like release content, package information, and a direct link to the JFrog AppTrust application version.

Change Request Evaluation with the Full SDLC Context

When the system creates a change request in ServiceNow, it automatically retrieves all relevant evidence from JFrog’s Evidence Collection. ServiceNow DCV then leverages this SDLC evidence to automatically apply policies and decide whether to approve or reject the change.

Bi-Directional Traceability and Governance

Once the system approves a change request in ServiceNow, JFrog ingests the ServiceNow change request approval as crucial evidence on the application version. ServiceNow then performs the Release operation on the JFrog AppTrust application version. In this workflow, you can set unified policies that prevent releases from advancing without the proper ServiceNow change approval.

Detailed Capabilities: 

  • Provides contextual evidence for IT and operations teams to make fast, informed decisions for change management requests
  • Automates change approvals based on risk and policy, reducing manual overhead while ensuring only trusted, compliant applications move to production
  • Accelerates incident response by enabling teams to trace issues back to specific releases and artifacts, reducing mean time to resolution (MTTR)
  • Eliminates manual data entry and handoffs between teams by triggering an automated change request in ServiceNow whenever a new application release is ready for approval in JFrog
  • Connects JFrog and ServiceNow without modifying your CI/CD pipelines through a secure, bidirectional REST endpoint between JFrog and ServiceNow

 

Documentation
Availability
Learn More
  • Enterprise+
Related Product
  • JFrog Platform
  • JFrog AppTrust
  • JFrog Evidence Collection
Related Integration
Sonar
Akuity
Develocity Provenance Governor
GitHub Artifact Attestations

Frequently Asked Questions

What is the main purpose of the JFrog and ServiceNow integration?

The integration connects the JFrog Platform with ServiceNow’s change management system. It automates the creation and approval of Change Requests (CRs) in ServiceNow based on events in JFrog, like the promotion of an application version. This streamlines the release process by ensuring that all necessary approvals and evidence, such as security scans and build information, are captured and reviewed in ServiceNow before a release.

How do ServiceNow and JFrog applications map to each other?

The integration links JFrog AppTrust Applications with ServiceNow DevOps Applications. This mapping is done by creating a JFrog AppTrust Applications record in ServiceNow, which maps the two entities. 

Once mapped, the JFrog AppTrust application is created and updated with the relevant ServiceNow Application information. Additionally, JFrog can pull details like the application’s name, description, and business criticality from ServiceNow.

How does a change request get created in ServiceNow?

When a new AppTrust Application version is promoted to the “Pending-Approval” stage in JFrog, the integration automatically creates a Change Request (CR) in ServiceNow. This CR includes information about the release, such as the packages involved and a link to the JFrog application version. Additionally, the relevant evidence is translated into ServiceNow, and linked to the CR.

What happens after a change request is approved in ServiceNow?

Once a Change Request is approved in ServiceNow, the integration performs two key actions:

  1. It creates evidence on the AppTrust application version in JFrog, which links back to the approved ServiceNow CR.
  2. It triggers a version release in JFrog, promoting the application version to the “Release” stage.

What kind of evidence is shared between JFrog and ServiceNow?

The integration shares important evidence from JFrog with ServiceNow to support the change approval process. This includes information like scan results, build provenance (the history and origin of the build), and other software quality details. This evidence is displayed directly within the ServiceNow Change Request, providing approvers with all the data they need to make an informed decision.

About ServiceNow

ServiceNow is the AI platform for business transformation. Connect AI, data, and workflows to maximize the value of existing technology investments, cut costs, and make impactful improvements in core business processes all on a single platform.
Learn More