Hi there,I want to create an action with "Create Response Task set Incident state V1" so that analyst can answer certain questions.I configured the action in Flow Designer like this.But Yes/No question want show up in the New UI.What am I missing?
Hi Experts - I have an issue. I see two CIs in the CMDB with the same name, `WEBFE01`, but different classes: one is classified as a `Windows Server`, and the other as a `VMware Virtual Machine Instance`. The support group assigned to the `VMware Vir...
Hello!We are doing an RFP for a potential replacement of our Vulnerability Management Solution and may replace Rapid7 IVM with either Tenable.io or Qualys VMDR. We currently run VR with the Rapid 7 IVM API integrations and it works mostly well, but a...
Customer wants to enable the SOC teams the ability to leverage the Notify integrations. The Notify apps say they can work with "task" data type, but does not specify SecOps data type compatibility. Has anyone heard of this being possible?
Hi All, I created a simple TISC(Threat intelligence Security Center) playbook with just an update activity, but it doesn’t display a dedicated section or a button to add the playbook to a case, as it does in the Security Incident module. I’d like to ...
sn_si_incident contain 26 million records and potentially looping automation which is slowing down the test environment. Investigate potential root cause to stop this from occuring. Please let me know the resolution of same
Hi, We're looking to see if there's a way to execute the "Associate MITRE ATT&CK Technique" action through the ServiceNow API? We have SIRs that are automatically created and we have the MITRE ATT&CK info from another source, and right now we are man...
We want to limit users with the impersonate role (which includes admins and certain non-admins) from accessing sensitive data in VR and/or SIR applications when impersonating other users. Use Case:A remediation owner is assigned a critical, exploitab...
Hi,Please let me know the table name of Playbook (PAD) where its work notes are stored. Looking forward for quick resolution regarding the same. Thanks in Advance
As per the requirement, I have to create a report which comprises of Integration Error logs so that I would be able to create a report for the Failed or Cancelled Integration logs like Integration that done using CrowdStrike API so that I can show th...
Hello, We want to hide some of the Reason choices within Vulnerability Manager workspace. Is anyone aware of how to achieve this? It is easy to do this in classic UI but not sure how to do this in the workspace views.Any quick help would be highly ap...
I have put down my thoughts on how to handle Incomplete IP Identified Devices. I would like to hear your ideas on this topic. How is your organization handling them? (See Attachment)
Qualys host detection daily job completing with Substate status Failed. For past couple of days our daily host detection job is not able to ingest all of Qualys data into Snow Vulnerability Response module. Qualys Import Source Substate failed comes ...
Hi Everyone, I am looking for details around the difference between TI Case Management vs TISC Case Management. Below are the questions I have1.What is the significance difference between TI case management VS TISC case management.2.What is the enhan...
I created an exception rule that defers VIs with low risk score. Exception rule works correctly when VI is created. But in case the Risk score increases the Exception rules do not reopen the deferred VIs. Is that an expected behaviour? If yes, what w...
