Hello, I’m reaching out to gather insights from the community on best practices for defining lookup rules in the Discovered Items table. What rules have you found most effective, or what strategies do you recommend to ensure accurate matching between...
I’m working with a client that uses Rapid7 and Microsoft TVM with ServiceNow VR. A large percentage of discovered items remain unmatched, so VR creates many fallback CIs (Unclassed Hardware / Incomplete IP Identified Device).We need clarity on what h...
Hello.I have a question to VR Qualys experts. We have encountered an issue where the Qualys Integration "Qualys Host Detection Integration" Reports Different data for Both "New items or Updated Items" These are successful and complete scan runs. But ...
Hello All, I have discrepancies in data ingested to ServiceNow from Qualys. A complete/successful run scan is generating different data for both New items and updated Items. How can i troubleshoot this to know exactly what is wrong. Could this have ...
Hey everyone, I hope you're well. I'm reasonably new to the Security Operations side of ServiceNow so apologies if some of these questions seem reasonably straight forward. I've been working with our IT Security team to improve the VR experience in S...
Hello,We have the VR integration with Tenable.io. We use remediation target rules to set SLAs and task rules to group VIs together by CI support group. The problem we have is that new VIs are being added to existing/open Remediation Tasks that have a...
Hello,Is there a suggested workflow/practice for bulk editing Container Vulnerable Items? There is a "Bulk Edit" feature for host VITs in Vulnerability Response, however I don't see one in CVR, nor do I see any documentation on the subject. We are ...
Hi, 1. On security incident record in security incident response workspace when we click on "create incident", a modal pops up. In this we want to add "assignment group" reference field with list similar to available on incident table. We found a re...
I'm running ServiceNow Vulnerability Response 26.0.11. There were recent changes to VR and now exception rules no longer create remediation task to track VITs that are deferred; but I also noticed I no longer have the option when creating the excepti...
Hi All, I'm using the Atlassian Jira integration with Vulnerability Response integration. However, I notice that I can only set 'sn_vul_app_vulnerability' or 'sn_vul_app_vulnerable_item' as my entity tables in the agile tool configuration (sn_vul_agi...
Error: OAuth flow failed. Verify the configurations and try again. Error detail:invalid_request, AADSTS90002: Tenant 'ea2bd261-c1b1-4388-b0ea-e9a7f266061d' not found. Check to make sure you have the correct tenant ID and are signing into the correct ...
Is there a way to report on MTTD (mean time to detect) for particular support groups or a canned report that visualizes this?
We use Rapid7's Active Risk score as one of the primary drivers of the normalized risk rating of third-party vulnerability entry records in VR, which then drives the risk score/rating of vulnerable items. As Active Risk is driven by threat intelligen...
Hi,We need to make closed state value visible only when current state is review in SIR workspace. We tried using onChange client script as well as Before business rule but its not reflecting in workspace. Is there any other way to configure this? Is ...
Can anyone provide me with an example of the response.json received from Sysdig on the endpoint https://<server>/api/scanning/v2/runtime/vulnerabilities?The reason I ask is that we are on-prem with both sysdig and servicenow and sysdig only offer th...
