Is the security incident response table related to the general incident table?

Go to solution
alyssatodd
Tera Contributor

‎10-18-2023 11:56 AM

When adding the SN Security Incident Response module, the sn_si_incident table is created. Is there a relationship between this table and the CMDB incidents table? If an incident changes from a regular incident to a security incident, how would this be supported?

0 Helpfuls
  • 1,319 Views
1 ACCEPTED SOLUTION

Go to solution
Anand Kumar P
Giga Patron
Giga Patron

‎10-18-2023 11:19 PM

Hi @alyssatodd ,

-->There is no direct relationship between these tables in ServiceNow by default. You'll need to establish a linkage between regular incidents and security incidents through customization relationships.

-->Create a linkage between regular incidents and security incidents using reference fields or custom reference fields. This linkage helps in tracking and associating related incidents.
-->Implement an escalation workflow that triggers the creation of a security incident when specific criteria are met in a regular incident. This can involve defining conditions and actions in Business Rules or Flow Designer
Ex- Flow Designer should start when Incident is created with Priority is “1-Critical”
or execute flow and create security incident.
Please mark correct answer and helpful and accepted solution for others if it helps you.

Thanks,

Anand

View solution in original post

1 REPLY 1

Go to solution
Anand Kumar P
Giga Patron
Giga Patron

‎10-18-2023 11:19 PM

Hi @alyssatodd ,

-->There is no direct relationship between these tables in ServiceNow by default. You'll need to establish a linkage between regular incidents and security incidents through customization relationships.

-->Create a linkage between regular incidents and security incidents using reference fields or custom reference fields. This linkage helps in tracking and associating related incidents.
-->Implement an escalation workflow that triggers the creation of a security incident when specific criteria are met in a regular incident. This can involve defining conditions and actions in Business Rules or Flow Designer
Ex- Flow Designer should start when Incident is created with Priority is “1-Critical”
or execute flow and create security incident.
Please mark correct answer and helpful and accepted solution for others if it helps you.

Thanks,

Anand