We have many Vulnerability Response Assignment Rules. They change frequently (new rules and changes to existing). Some of the condition values are large. When we export (excel) the Assignment Rules to validate that Rule Condition Values are not con...
Is there a plan or roadmap to integrate Tenable.sc with Configuration Compliance or has anybody done this integration?We currently have Tenable.sc integrated with Vulnerability Response and now would like to start pulling in the compliance data from ...
Hello, I'm a ServiceNow student, but I really like the SecOps module. How do I start to gain market visibility and get my first opportunity?
Hi Team,I'm currently working on building playbooks within the security Incident Response(SIR) module using Automation process designer and would like to include an activity stream as part of the playbook execution. The goal is to post updates or log...
We configured runbooks and it is showing in SIR Incident Workspace Form. But when i am opening the runbook in new tab to get the full view, it showing empty. Kindly suggest to resolve this.
We have Tenable.sc integration creating vulnerability records with CISA KEV integration to provide additional data. My question is about the Exploit Exists field. Looking at the TEN record I have records with this field set to both true and false and...
Hi - A few years ago, we had a consultant company build our VR application to our company's design specs. It was recently discovered that Vulnerability Group records (sn_vul_vulnerability) aren't having their active field set to false when the state...
We are looking for someone who has implemented Security Incident Response and could provide perspective on what the overhead looks like from an on-going support perspective. Any comments here or willingness to connect would be appreciated.
Hi Everyone, We have implemented VR in ServiceNow by integrating with Qualys, it is working fine, however when trying rescan option, the integration if failing with below errorWe reached out to HI team about this, they said that"""Most Probable Cause...
Hi All,We have an integration with Tenable for our SN's Vulnerability Response.Lately I've got such a requirement:Vulnerable items should be marked as exception each time when CI scanned in Tenable has superseded patches in it.Has anyone had any expe...
Hi,I want to remove "By Priority" widget in Overview section of Security Incident Response Workspace and want to add my own custom widget. Please refer the attached screenshot
I would like to automatically create remediation task anytime a Known Exploit Vulnerability (KEV( is added to the catalog. Sometimes, 1 CVE is added at a time and other times it might be several. Due to the way we ingest vulnerability data, we ingest...
Vulnerability information integrated from third parties (such as Tenable)To link this vulnerability to CI, it is necessary to search for configuration items.Is it correct to think that only lookup rules are used at this time?Are IRE or identification...
Presently, Github generated SBOM SPDX files cannot be ingested into ServiceNow SBOM capability without a conversion or, at minimum, a manual code hack in the json file (which is not ideal).Although we can always automate SBOM ingestion via actions, i...
I'm working on setting up a vulnerability exception approval flow in ServiceNow SecOps and need help designing the following process:First-level approval by users from Group A.After approval, a recommendation task is created for users from Group B.Gr...
