Hello Everyone, I have gone through one issue is that - There is a VIT which is created by VR System with assignment type as "manual" still the source is "Qualys" instead of "Manual". If the VIT is created manually then the source should be also manu...
When we stood up the Security Incident Response module, our request was that non-SOC members could not see the SIR, but could only be assigned SITs. Based on this, the appropriate groups were given the "response_task" Type and can be assigned tasks....
Hi, I have rolled out the first portion of the Microsoft Sentinel Integration (from ServiceNow store). I already have SIR +Secops and have done most of the mapping and config in SNOW. The issue I am having is that when polling for say 1m, I am pickin...
We have various VIT's (in the thousands) that were manually reassigned therefore the newly created assignment rules don't apply to them. However, we would like to know if there is a solution we can implement to get the assignment rules to apply, even...
Hi All,I'm creating playbooks to deal with Security Incident and Major Security Incident processes. One of my requests is to, based on conditions, trigger buttons either Promote Major Security Incident or Propose Major Security Incident directly from...
We're working on an exciting new feature: Automated Scheduling of Pentest Requests! Our goal is to streamline the process of requesting and scheduling penetration tests, making it quicker and easier for everyone involved and lower down the manual inp...
We're working on an exciting new feature: Automated Scheduling of Pentest Requests! Our goal is to streamline the process of requesting and scheduling penetration tests, making it quicker and easier for everyone involved and lower down the manual inp...
Hi Community,I'm currently working with the Security Incidents table (sn_si_incident) and have encountered an issue related to duration calculations.What I'm trying to do:Access the sn_si_incident tableFilter the list to show only closed incidentsDis...
Hi There, Just wanting some clarity around how vulnerability assignment rules are applied when a new VI is created. We currently have a few hundred vulnerability assignment rules configured because each technology type have different requirements for...
Hello Everyone,Seeing VIT records are still open after the detections are closed as stale. Only few records fall under this issue, what might be the reason for this? I also saw there are few VITs which are closed as stale when the detections are clos...
Hi All,How to disable/hide encryption popup for attachments on a catalog form in Portal for specific scoped record producers, in my case I need to disable this option for Security Incident Response related record producers. Any idea how can we resolv...
Hello Everyone, We have an open VIT and open detection records; however, the detection was not found since a month. I believe when no detection found, respective detection record should be marked as closed and also the VIT record. But in our case, th...
Hello, We are currently setting up the integration with ServiceNow and Azure Sentinel. We created a profile for Azure Sentinel and wanted to ask if anyone has found a good or recommended solution on aggregating alerts (step 3 of profile set up). Duri...
