Security should be established before configuring interfaces or business logic in the ServiceNow application build process. This is known as "security by design."
Here's why:
Prevent Security Gaps: Building security into the application from the start helps prevent vulnerabilities and security gaps that can be exploited later.
Reduce Rework: Addressing security early avoids costly rework later if security issues are discovered after development is complete.
Enforce Best Practices: Starting with security ensures that security best practices are followed throughout the development process.
Why not the other options?
A. Only when issues are encountered during operations: This is a reactive approach that can lead to significant security risks.
B. After configuring all the application workspaces: Security should be integrated throughout the application, not just in specific workspaces.
C. After configuring all required integrations: Security should be considered before and during integration to ensure secure data exchange.
[Reference: ServiceNow Security best practices, Secure development lifecycle, =================]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit