Hi Team,I'm currently working on building playbooks within the security Incident Response(SIR) module using Automation process designer and would like to include an activity stream as part of the playbook execution. The goal is to post updates or log...
We configured runbooks and it is showing in SIR Incident Workspace Form. But when i am opening the runbook in new tab to get the full view, it showing empty. Kindly suggest to resolve this.
Hi Team , I'm facing an issue while using the Send Email activity in a Playbook(Process Automation Designer ) in ServiceNowWhenever I try to add custom text in the email body and then use the data pill picker to insert a field ( e.g. SIR Number) ,the...
We have Tenable.sc integration creating vulnerability records with CISA KEV integration to provide additional data. My question is about the Exploit Exists field. Looking at the TEN record I have records with this field set to both true and false and...
Hi - A few years ago, we had a consultant company build our VR application to our company's design specs. It was recently discovered that Vulnerability Group records (sn_vul_vulnerability) aren't having their active field set to false when the state...
We are looking for someone who has implemented Security Incident Response and could provide perspective on what the overhead looks like from an on-going support perspective. Any comments here or willingness to connect would be appreciated.
when we raise a request exception for a vulnerable item, a Survey popup will appear but user can close without filling the fields. we want to make the user to fill form and submit then only exception request process needs to start.
Hi Everyone, We have implemented VR in ServiceNow by integrating with Qualys, it is working fine, however when trying rescan option, the integration if failing with below errorWe reached out to HI team about this, they said that"""Most Probable Cause...
Hi All,We have an integration with Tenable for our SN's Vulnerability Response.Lately I've got such a requirement:Vulnerable items should be marked as exception each time when CI scanned in Tenable has superseded patches in it.Has anyone had any expe...
Hi,I want to remove "By Priority" widget in Overview section of Security Incident Response Workspace and want to add my own custom widget. Please refer the attached screenshot
I would like to automatically create remediation task anytime a Known Exploit Vulnerability (KEV( is added to the catalog. Sometimes, 1 CVE is added at a time and other times it might be several. Due to the way we ingest vulnerability data, we ingest...
Vulnerability information integrated from third parties (such as Tenable)To link this vulnerability to CI, it is necessary to search for configuration items.Is it correct to think that only lookup rules are used at this time?Are IRE or identification...
Presently, Github generated SBOM SPDX files cannot be ingested into ServiceNow SBOM capability without a conversion or, at minimum, a manual code hack in the json file (which is not ideal).Although we can always automate SBOM ingestion via actions, i...
I'm working on setting up a vulnerability exception approval flow in ServiceNow SecOps and need help designing the following process:First-level approval by users from Group A.After approval, a recommendation task is created for users from Group B.Gr...
When viewing the new Instance Security Center dashboard's Daily Compliance Score, I notice the score does not update. It says the last time it was updated was 5/31 and only looks like it contains 5/29-5/30 data. This is a new Madrid (from Jakarta) ...
