Snow VR Integration with Tenable Cloud Security
Is it possible to integrate Snow VR with Tenable One's Cloud Security module, to import cloud findings as VIT (or INCidents), similar to the Tenable.IO integration?
Forum Posts
Metric for Time Spent in Security Incident Response VS working a ticket.
Hello, Lets' say you have an analyst whom works overnight and there are no tickets coming in. How can I have a timer (similar to what runs when an incident is being worked on) run while an analyst is waiting for a ticket to come in. This way he get's...
Data Filtration not available for Security Incident Resonse Module?
Hi guys,I just want to create a data filtration rule for a table in scope of the incident response module. Unfortunately, I was not able to select any of the tables. Do I need to activate something else or is the incident response module not support...
Tenable.sc Integration Stuck in "Wait Complete" with No Data Being Pulled
Hello,We have a Tenable.sc integration set up, but whenever I execute it, the status moves from "Running" to "Wait Complete" with a substate of "Success." However, no data is being pulled, and the status remains in "Wait Complete" even after a full d...
Creating Incident using API KEY
I was tried to create an incident to my incident table, through this api route - /api/now/table/incident.My api key is attached to an user with the following roles:itilsecurity_adminadminAlthough this roles, I did not manage to create an incident and...
Resolved! Documentation on new 'Rapid7 Scan Engine Integration'?
After recent upgrades to Vulnerability Response and the Rapid7 integration, I noticed a new Rapid7 integration called "Rapid7 Scan Engine Integration - API". It is not active. I cannot find any information on it, what it is does, where it should be r...
Rapid7 Comprehensive Vulnerable Item Integration - Daily Run
For Vulnerability Response ingestion from Rapid7 InsightVM, does anyone have the "Rapid7 Comprehensive Vulnerable Item Integration - API" ingestion set to run daily?I'm considering running this integration daily for typically importing 4-6 million ac...
Azure Sentinel intergration
We have completed *integration activity with Azure Sentinel. After which we are not able to map Configuration item of ServiceNow with Sentinel field. We tried with "Hostname", "Friendly Name". Yesterday we found "Entities" in Sentinel logs, but we ar...
Users with no riles can see backend tables
Hi community I noticed that in my PDI users with no roles can access the user table via backend if they have the correct url. They can only see names and all other columns are hidden. However I wondered if I can stop this as it is bad user experience...
Vulnerability item(VIT) did not close after 90 days of last detection
Hi, Vulnerability items needs to be closed after 90 days of last detected date as per the configuration but one of VIT did not close The VIT is currently under "In review" statusUnder the detection tab, the last found date is 26-07-2024 21:38:55
vulnerability item form
vulnerability item form their is no CVE field how we can fetch that field in vulnerability item form
Regarding the CI placeholder record created during vulnerability data ingestion.
After capturing vulnerability data, if the CI look up does not match the CI, a placeholder record is recognized to be created in cmdb_ci_unclassed_hardware. Reference: https://www.servicenow.com/docs/bundle/xanadu-security-management/page/product/vul...
Component End of Life report
After uploading a SBOM file, I can view the details of a component. Is there a way to see whether the component has reached the End of Life (EOL)? The reason I am asking is that in nexusiq/sonatype, I can see a report of Component End-of-Life for an ...
Tenable scheduled jobs
There are below scheduled jobs are available post Tenable integration , which jobs should active as True in the case of vulnerability lifecycle , as I dont want to enable all jobs to avoid performance issue Tenable.io Assets IntegrationTenable.io Fi...
