When associating a Mitre attack record against an incident using the "Associate Mitre ATT&CK Technique" related link from the Security Incident form... from the dialog window, you initially select the Source and then the Tactic. But when selecting t...
Integrating Tenable with ServiceNow Security Operations enables streamlined vulnerability management by importing and managing vulnerabilities directly within ServiceNow. Follow these steps to configure the integration: Step 1: Install the Vulnerabil...
Prior to Vulnerability Response v12.2, if a matched CI isn’t found either in the Discovered Items list or CMDB, a CI is created in the Unmatched CI class (sn_sec_cmn_unmatched_ci). For more information, see Unmatched CIs.Starting with v24.0.6 of Vuln...
Hello, We have the API integration with Rapid 7's InsightVM and are ready to set timelines on vulnerability remediation. We have 4-5 tiers for remediation timelines and I'm trying to determine if we should use SLAs or Remediation Targets. It seems l...
I'm struggling a bit with adding new Related Lists in the SIR Workspace. I've created an m2m table linking SIR Incidents and Departments for example, but when I try adding it following the documentation for adding Entry Point Lists or if I just add i...
We are implementing Vulnerable Response with JIRA integration. On the Agile Tool State mapping form a note was written stating, "Note: The state will only be synchronised from ServiceNow to Agile tool if the entity state is Closed in ServiceNow or if...
We are trying to find where the Tenable "finding_id" is stored within the Vulnerability Response tables.Does anyone know? Or has anyone figured out how to modify the Tenable Integration Processes to include the Tenable "finding_id" on the Detection T...
Problem: Too much unnecessary PII being added on Service Now tickets. What is the best solution to identify and redact it?
We have created Knowledge base to aid remediation teams in performing common remediation actions like resolving task in the Security Exposure Management Workspace. It is possible to use now assist to suggest KB articles similar to how "analyst assist...
I am trying to create a query using the tables Server CI (CMDB Class), Remediation task and Vulnerability Item, and looking for an output with server name, OS, vulnerability item and remediation task number (VULXXX). I can create a relationship betwe...
Hi Everyone, We have five vulnerability scanners integrated with our instance, and we are seeing duplicate detections coming in from multiple sources. Also, for some I could see there is few similar vulnerable item created for same issues.Does Servic...
Hello,I am currently working on a Qualys integration for Vulnerability Response and have run into a bit of a roadblock regarding data mapping.I need to review or modify how specific fields are being populated, but the logic does not appear to be de...
I have a corrupted CI (Central Interaction). When I access its record, I get a "(Record not found)" message. I've tried disabling it through the table, deleting it from the table, and even creating a script and running a deletion script in Fix Script...
Hello Experts! Not sure I'm posting this on the correct forum, but here goes. Who has some experience with integrating ServiceNow with Entra? We use Entra as our SSO provider, and have been given a requirement to allow the help desk to send a user an...
Hi Everyone, I am looking for some guidance on the best practices and most effective use cases for implementing Vulnerability Response notifications. I understand that triggering notifications for every VIT (Vulnerable Item) creation or assignment is...