Hello. We have issue with OOTB - Request risk reduction for a vulnerable item.When we request:A. Request for DeferralB. Request for Risk Reduction Two "State Change Approvals" are being created for A and BWhen we do all approvals A is going in to App...
I came across a ServiceNow Product Doc that states that "CI reclassification is possible only between two classes that have identical identification rules." What does it mean to have identical identification rules? And how does reclassification happe...
I'm trying to enable cross-widget interaction-where selecting a data point in one visualization(e,g, a donut or bar chart) dynamically filters or updates the other widget on the same dashboard. I've configured multiple widgets and global widgets wor...
Is there any known way to manually change an individual VIT risk rating? I know you could do it via a calculator rule targeted for that specific CI/instance but that is a bit too specific and would lead to a runaway list of way too many rules. We hav...
Hi. I have a question about "Populate Internet Facing attribute on Hardware".The value of the "Internet Facing" field in the Hardware table is updated by the "Populate Internet Facing attribute on Hardware" in the sysauto_script table.The execution t...
HiWe're having a bit of trouble adding multiple affected users into SIR tickets using the Azure Sentinel Incident Ingestion Integration. We are able to ingest Sentinel Account entities (${Account: properties(displayName)}$) using a simple glide get q...
Hi all has anyone successfully mapped the MITRE Technique ID/Name from Azure Sentinel source data into the Security Incident? We have been informed from our analysts that the Technique is available for the Sentinel incidents but it does not appear ...
Hello, Has anyone implemented a workaround to have Sentinel close SIR incidents since the integration is not bi-directional in this regard? Thanks!
Hi Community, I'm currently working on setting up Qualys integration for Vulnerability Response following lab instructions.For some strange reason, integration job fails with error: "Cannot run REST-based integration without a Qualys API credential s...
Hi community. While submitting some of record producers, I am getting this error message: 'Invalid attempt. Encrypted data could not be saved.' Now this is due to some masked fields which we have added in producer as per request from client. I also t...
Hello experts,I am new to Vulnerability, and I would like to have process information.In our instance, we have identified examples, where the VCA was wtill in review, even when the associated remediation task(VUL) was closed and its VIT's were also c...
Noticed that when a close VIT record is reopened by VR system, it is re-evaluating the assignment rule and it may change/update the assignment group of the VIT record if there changes in the CI record support group details. Can someone point what or ...
Hi All,I am facing issues with adding work notes as default list view column in classic view. I do reset to default columns still i can't see work notes in list view. Please help me on this. Thank You.
Hello Community, My client has requested an email notification in the Security Incident Response application that includes a record of every update made to a specific SIR, with the details converted into JSON format and attached to the email. Now, I ...
