Email Notifications for vulnerability response
Hi All, Does someone have the business/functional definition of the OOB email notifications for the vulnerability response? Currently, I see there are 50 email notifications. Regards,Maloy Banerjee
Forum Posts
Vulnerability Triage Overriding Risk Rating
Hi, I am looking for advice and guidance on the risk scoring best practices for vulnerability response when using a vulnerability triage process. I am looking at automatically classifying / risk scoring the vulnerabilities based on metrics such as ...
Resolved! Bulk Editing for Container Vulnerability Response (CVR)
Because of the high volume of CVIT tickets being created by our new CVR Module. We are in need of bulk editing to assign tickets and to group them pre vulnerability. Does anyone know of any documentation that could explain how to do this function or ...
How do Remediation Tasks (VUL) close?
Based on a few ServiceNow documents, It seems the expected behavior is that "When all the VIs in a remediation task are closed, the remediation task is closed." We are seeing numerous remediation tasks still in an open state even with 0 open Vulnera...
Database View shows count but doesn't show records
Hi, this issue is not really any release specific or module specific as i have seen this issue on different releases and different modules so it's platform wide whenever i create a database view (join 2 tables) , I see a count of all the results ...
Vulnerability Rescan Error - Tenable Rescan
Hi,I was working on the vulnerability rescan (tenable sc) but getting an error:Error: Invalid response code received from TenableSCScanner: 403 - Please specify a Scan Zone.Can anyone please help me with this?
Approval rules for Vulnerability Response application
Hi Experts, I have written below code to send approval to Assignment group manager if manager is available for the group, if not approval will be sent to group members. I am getting approvals, but i am facing the issue after approving vulnerable it...
how to import data into vulnerability response in ServiceNow?
Hello Everyone!! i need to know how to import data into vulnerability response in ServiceNow? also, please share if their is any practical courses on vulnerability response or any demo project on vulnerability response for better understanding.
How license is calculated for "Security Operations Professional - VR - Devices"
Hi All, In our instance we have 10K entitlements for "Security Operations Professional - VR - Devices" subscription and currently the subscription is over the limit we have entitlements to. Can I know how the subscription is calculated for Security O...
Vulnerability Items Count for all Approved Exceptions with Deferral details
We use Vulnerability Response for Exception management. Vulnerabilities are submitted for approval as individual VI and VUL (Remediation task). This created VCA (Vulnerability State Change Approvals) record which has Detail, Additional Information, D...
How to configure SLAs for Vulnerability group?
Hi, I have a requirement to configure SLAs for Vulnerable groups. Currently we are using remediation target rules, which are counting calendar days not business days. For this reason we wanted to switch to SLAs for remediation. But while I am creatin...
What happens to stale records in discovered items?
We have several duplicated records in discovered items table for same IP and asset name combination. Qualys is our scanner tool and a unique thing about these records is the Source ID for all these records are different. These are mostly VDI records....
How to run "Reapply CI lookup Rule" to a specific VIT?
Hi, I am facing a scenario in which 150 VIT's were associated to one Discovered item and some of the VIT record's "Configuration item" field and "DNS name" field under initial detection section is different. I am referring to the below issueHow Initi...
How Initial detection DNS name and Configuration item in Vulnerable item is different ?
Hi All,I have found an issue with the vulnerable item. Some of the VIT record's "Configuration item" field and "DNS name" field under initial detection section is different. For most of the VIT records they have same name in Configuration item field ...
Remediation Target When VIT Risk Rating Changes
Hello, We recently had a vulnerability in our scanning tool increase in severity. This caused the VITs related to that vulnerability to go from a Risk Rating of medium to high. Our remediation targets are based on Risk Rating. Mediums by default don'...
