Hi everyone,We’re currently implementing the CISO Dashboard and are running into an issue where it does not respond to any configuration changes.Even after adding custom Metrics or Supporting Dashboards, the main dashboard continues to display only t...
We're trying to setup SLAs for Security Incidents and not getting any helpful metrics per SIR. Posting the configurations. The relevant fields are empty and "Made SLA" is always true. How can we get these fields to show details? Are these numbers tra...
Hi, We have the below property enabled on VR Tenable.io integration:Since this is enabled, ServiceNow has generated vulnerable items in 'open' state for the plugins that have a 'fixed' state in Tenable. If we disable the above checkbox, will all the ...
Basically, I installed sn_vul_r7(rapid7 integration for security operations), Validated API key and region successfully.After that I run Site filter integration and got all the site's information successfully, I choose one specific site to get the da...
Hi all,I’m running into an issue where the API key value in ServiceNow is not updating correctly.Here's what's happening:I updated the API key in a system property or credential record.However, on the configuration page, it still shows the old key (e...
We have been running VR in prod for almost a year. Our SN VR is integrated with Rapid7. Came across a scenario that is baffling. The jobs seem to be successful but came across an asset. The Discovered Item record created successfully but there was no...
com.snc.snc_access_control
Hi All,for a client we are developing an integration to in ingest new QRadar offences to Security Incident Response (SIR) on ServiceNow.The integration works fine using the plugin "IBM QRadar Offense Ingestion for Security Operations" but we need to ...
How to rename catalog item?
Hello community, We are wanting to cleanup and enrich our Observable data in order to effectively report details within the associated SIRs. I have the following goals. Focusing on 'unknown' observables (~4500 count) update the logic that maps the O...
Hi Team, Azure Sentinel Integration: ServiceNow Incident status not updating on the closure of the incident in Sentinel. Has anyone faced this issue?
Hello, When using the Microsoft Azure Sentinel Incident Ingestion Integration For Security Operations is it possible to update security incidents when you make changes to the mapping in the profile? For example, if I update the profile to include a f...
Hi All,OOB choices for Substate field on Security Incident form is missing. normally below are the OOB Substate choices such as.1. Pending Incident2. Pending Change3. Pending Problem I have checked the Dictionary for Substate field. it seems choices...
Hi All,I have created a custom dashboard in Industrial Workspace and added data visualization (single score) to get the count from Vulnerable Item table, it shows the count correctly but when I am clicking on the count to view the record its showing ...
Hi everyone,I'm working with the Security Incident Response Workspace in ServiceNow and looking to restrict user actions on email replies.Specifically:When a user clicks "Reply" or "Reply All" on an email in the activity stream, I would like to eithe...