Hello All,I'm facing an issue while integrating CrowdStrike Falcon Sandbox with ServiceNow Security Operations. When submitting a URL for malware analysis, I receive the following Error: 'access denied, authorization failed' occurred while submittin...
Hi Folks, I am troubleshooting an issue where in i need to understand the CI mapping rules for VM Rapid & data import. Issue - Rapid7 (Intsights VM) has scanned a asset with URL - xyz.com however when the VI got created it was created with IP address...
Hello everyone, I’m looking to set up a fast-track solution for managing critical CVEs (Common Vulnerabilities and Exposures) that require immediate attention. Here’s a brief overview of what I’m aiming to achieve:Ad Hoc Remediation Targets:I need a ...
Hi All,I need an information regarding cancellation reason of playbook in SIR.On which table the cancellation reason of playbook in security incident is stored in ServiceNow?Thanks,Kushal
Context:In the Application Vulnerability Response plugin, we are working with a vendor that doesn't have an integration, so we've built import sets to import the data. Issue:We aren't able to run the Assignment rules on Closed or Active = false vulne...
I have installed the Threat Intelligence Security Center app, and am working in the integrations view to get threat feeds from MITRE. In the docs, it looks like you need the sn_sec_tisc.admin role, which I have granted myself. From the docs, it als...
Hi Everyone, What happens to a CI when it is not discovered for 60 days? Any OOB scheduled job will run and change its state? Without any configuration? Something from OOB? Thanks!
I'm trying to understand how the Remediation Status is affected for Vulnerable Items (VIT) that are placed in a deferral status.If the Vulnerable Item has a Remediation Status of "Approaching Target" and then the VIT is deferred, does the status rema...
I have created a new field but while checking in the form it is not editable. Read only check box is not selected. I also checked in UI policies and i didn't found anything. There were no client scripts on that table. What else I need to check?
I am working with an Incident Response Option Rule in ServiceNow, where I have set a few conditions that determine when the rule applies. Additionally, I have three response option mappings under this rule. Now, I need to add a new condition, but it ...
My customer is using the Yokohama version of the platform.I wanted to check with you all to see if there are any out-of-the-box (OOTB) dashboards or reports available for tracking Response Tasks and Remediation Tasks. Specifically, I’m looking for an...
Vulnerability Integration[sn_vul_integration]テーブルから「First.org EPSS Integration」を実行したところ、実行時間が10時間以上かかり、かつ複数のデータソースにて「Job exceeded processing time and was forced to completes status」エラーが発生し、ジョブのステータスも「Error」となっております。再度ジョブの実行を試した際も、実行時間は一日以上かかり、同様のエラーが...
Hello Community, I need to create two custom fields in the Vulnerability Item form in ServiceNow: 1. A field to calculate the Deferred State Duration, which tracks how long a vulnerability item remains in the Deferred state. 2. The second field shoul...
which otb scheduled job works to update "run vulnerability calculator" flag to false?
Hello All, I have a situation where on the Vulnerable Item Detections, the CI does not match the detection DNS name and NetBIOS name. Anyone have an idea why this could be happening? Example - CI is of class- Incomplete IP Identified Device and on t...
