Major security incident management
Hi Team, In MSIM there is a section called "Variables", may i know what the use of that section?
We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More
Hi Team, In MSIM there is a section called "Variables", may i know what the use of that section?
Hi CommunityI am trying to install VR plug in in my personal developer instance since the UI page for Developer Program changed recently i am not able to find VR plug in in the plug in LIST or application manager after the new UI servicenow is not al...
Hello All,I am trying to see how many vulnerabilities are there for each of the business units using a platform analytics dashboard. I have a simple platform analytics dashboard with two elements:Single score data visualization elementMultiple select...
(function process(rule, sourceValue, sourcePayload) { /********************************* * CI Lookup Rule Script * * Available variables: * - sourceValue: The value of the source field from incoming data that is used for lookup * - rule: ...
I am working on troubleshooting an issue where several Vulnerable Items (VITs) created from our Qualys integration are missing the First Found and Last Found date values. The VIT is created successfully, but these two date fields remain empty.For con...
The Security Incident Response team is planning for SIR Workspace 2.0 to improve and streamline the workspace experience. To shape a smoother, more effective experience tailored to your needs, our UX team is gathering feedback directly from customers...
Hello Community, I need to associate multiple CIs with a single security incident record in the Security Incident Response application form. How can I achieve this?
Hi. Is there a recipe to create MTTR dashboards for time taken to close vulnerable items, in the same way there is a recipe in your community article on how to create "Reports for MTTR, TTR and Total time taken to close for incident table"?
Anyone has a recipe to calculate MTTR (Mean time to remediation) for vulnerable items that are tagged CISA or Ransomware?
Hi all, I want to know how the "Secure Attachments" are managed on ServiceNow. Say we have a phishing email that got escalated to a security incident or the analyst wants to submit a malicious file to sandbox, is it safe to upload it in "Secure Attac...
Has anyone ever come up with a way to rollup up detections to a single VIT, regardless of scanning source? I've had SecOps people ask me, if the CVE and CI are the same, why can't I add the new detections to an existing VIT, regardless of who found i...
Hi,Could anyone please help me understand how to increase the spacing between the banner and the search bar (as highlighted in the image)? We’d like to move the search option slightly lower on the page.
Hi Community,I'm working on a requirement where I need to suppress audit entries related to Risk Score from appearing in the Activity Stream whenever the Priority field is updated on a record.Has anyone implemented a similar solution or can suggest t...
We had penetration test in servicenow for potential vulnerability and found to fix below two. LUCKY13 — Remediation requires disabling the vulnerable ciphers, as noted in the information above.• Instead of CBE Cipher Suites, use AEAD Cipher Suites su...