We are using SeqOps-VR to capture vulnerability information from a third party (InsightVM). After implementing a vulnerability response for a certain vulnerable item,If the vulnerability is re-scanned by InsightVM and the vulnerability is no longer o...
Hello Everyone, When the risk rating of a vulnerability changes from one level to another, the SLO should begin or begin again when the rating changes. Basically the SLO clock should Restart anytime the Risk Rating changes. Example of the current er...
Hi team, We are on Xanadu version but the UI for entire instance specially Vulnerability Response application looks different, seems old. Is there any property we need to enable to fix that? Thanks,Su
We would like to know which fields, if any, that if they are changed in a parent SIR, are also changed in its child SIRs. It is just a question to understand the relationship between parent and child SIRsCould you please help me on this.
Hi Folks,I am looking for some concrete information regarding failed login attempts.So whenever user makes a failed login what servicenow does in the backend like where ServiceNow stores the attempted login details. Does it stores login information i...
Hello Community, I have deactivated the approval rule 'Application vulnerable item field change request' , so that when i unassign the Application vulnerable item the Vulnerability State Change Approval is auto approved without any approver as i don...
Is it possible to integrate Snow VR with Tenable One's Cloud Security module, to import cloud findings as VIT (or INCidents), similar to the Tenable.IO integration?
Hello, Lets' say you have an analyst whom works overnight and there are no tickets coming in. How can I have a timer (similar to what runs when an incident is being worked on) run while an analyst is waiting for a ticket to come in. This way he get's...
Hi guys,I just want to create a data filtration rule for a table in scope of the incident response module. Unfortunately, I was not able to select any of the tables. Do I need to activate something else or is the incident response module not support...
Hello,We have a Tenable.sc integration set up, but whenever I execute it, the status moves from "Running" to "Wait Complete" with a substate of "Success." However, no data is being pulled, and the status remains in "Wait Complete" even after a full d...
I was tried to create an incident to my incident table, through this api route - /api/now/table/incident.My api key is attached to an user with the following roles:itilsecurity_adminadminAlthough this roles, I did not manage to create an incident and...
After recent upgrades to Vulnerability Response and the Rapid7 integration, I noticed a new Rapid7 integration called "Rapid7 Scan Engine Integration - API". It is not active. I cannot find any information on it, what it is does, where it should be r...
Hi all, I want to know how the "Secure Attachments" are managed on ServiceNow. Say we have a phishing email that got escalated to a security incident or the analyst wants to submit a malicious file to sandbox, is it safe to upload it in "Secure Attac...
For Vulnerability Response ingestion from Rapid7 InsightVM, does anyone have the "Rapid7 Comprehensive Vulnerable Item Integration - API" ingestion set to run daily?I'm considering running this integration daily for typically importing 4-6 million ac...
