Can we import playbooks in SIR ServiceNow from IRIS tool?
Hi, Is it possible to import existing customer playbooks from IRIS tool to ServiceNow?
Forum Posts
Resolved! roles required for security catalog access
I want to know which roles are required for accessing security catalog ?
Tenable.io web application scanning asset and vulnerabilities import in ServiceNow are not working
Dear Experts,We are facing an issue in web scanning import from Tenable.io into ServiceNow for #Vulnerability Response implementation.Connection between the Tenable.io and ServiceNow is successful. However, in ServiceNow we are receiving only Nessus ...
A vulnerable item was not grouped into any remediation task
A vulnerable item was not grouped into any remediation task although all the conditions matched the VIT and there is no missing data. So the issue is that VIT now does not have any remediation task. What could be the possible issue?
Monitoring Vulnerability Response Exception Rules
Is there a way to determine which Exception rule resulted in a deferral, similar to the assignment rules, where the assignment rule is tracked in the VIT?If not, this may be a valid enhancement request.Aside from identifying why the VIT was deferred,...
Resolved! Modules & workspace not available for security incident response after installing plugins
Hi, I have installed the plugin "sn_app_secops_ui" for security incident response response application in my PDI, which has also installed the dependent plugins "sn_si" and "sn_si_aw". However I cannot find any data/ Table, workspace related to secu...
Resolved! How does Application Vulnerabilities Response handle unmatched Application CIs
Hi Community, We are currently exploring on Application Vulnerability (AVR) in ServiceNow, and i have come across a scenario where need your help to understand it. When a vulnerability scanner (Veracode) identifies a new application vulnerability in ...
Daily Extract of Reports to Sharepoint site or Shared Drive
Hi Everyone, I was wondering, how to link daily extract of two reports to a SharePoint site. While scheduling the report, is there a way to configure to go to a SharePoint site? or Shared Drive? Any help would be greatly appreciated. Thank you
ServiceNow Rest API throwing error (401 UNAUTHORIZED)
Hello Experts, I am using the below command from a unix machine. curl -v "https://<instancename>/api/now/table/incident?sysparm_query=assigned_to=aea28412db295704e744f1e51d96194c" --request GET --header "Accept:application/json" --header "X-userToken...
Vulnerabilities in an IT Portfolio
Has anyone successfully created a relationship between the vulnerabilities in the 'Vulnerable Items" table to an IT Portfolio (indirectly to the portfolio manager) without using Query Builder? If yes, could you please share how you went about doing t...
VIT created with assignment type as "Manual" but the source is still "Qualys" instead of Manual
Hello Everyone, I have gone through one issue is that - There is a VIT which is created by VR System with assignment type as "manual" still the source is "Qualys" instead of "Manual". If the VIT is created manually then the source should be also manu...
Resolved! External Access for Security Incident Response Tasks
When we stood up the Security Incident Response module, our request was that non-SOC members could not see the SIR, but could only be assigned SITs. Based on this, the appropriate groups were given the "response_task" Type and can be assigned tasks....
Sentinel to ServiceNow (SIR) sync
Hi, I have rolled out the first portion of the Microsoft Sentinel Integration (from ServiceNow store). I already have SIR +Secops and have done most of the mapping and config in SNOW. The issue I am having is that when polling for say 1m, I am pickin...
Resolved! Reapply Assignment Rules on manually reassigned VIT's
We have various VIT's (in the thousands) that were manually reassigned therefore the newly created assignment rules don't apply to them. However, we would like to know if there is a solution we can implement to get the assignment rules to apply, even...
