I'm struggling a bit with adding new Related Lists in the SIR Workspace. I've created an m2m table linking SIR Incidents and Departments for example, but when I try adding it following the documentation for adding Entry Point Lists or if I just add i...
We are implementing Vulnerable Response with JIRA integration. On the Agile Tool State mapping form a note was written stating, "Note: The state will only be synchronised from ServiceNow to Agile tool if the entity state is Closed in ServiceNow or if...
We are trying to find where the Tenable "finding_id" is stored within the Vulnerability Response tables.Does anyone know? Or has anyone figured out how to modify the Tenable Integration Processes to include the Tenable "finding_id" on the Detection T...
Problem: Too much unnecessary PII being added on Service Now tickets. What is the best solution to identify and redact it?
We have created Knowledge base to aid remediation teams in performing common remediation actions like resolving task in the Security Exposure Management Workspace. It is possible to use now assist to suggest KB articles similar to how "analyst assist...
I am trying to create a query using the tables Server CI (CMDB Class), Remediation task and Vulnerability Item, and looking for an output with server name, OS, vulnerability item and remediation task number (VULXXX). I can create a relationship betwe...
Hi Everyone, We have five vulnerability scanners integrated with our instance, and we are seeing duplicate detections coming in from multiple sources. Also, for some I could see there is few similar vulnerable item created for same issues.Does Servic...
Hello,I am currently working on a Qualys integration for Vulnerability Response and have run into a bit of a roadblock regarding data mapping.I need to review or modify how specific fields are being populated, but the logic does not appear to be de...
I have a corrupted CI (Central Interaction). When I access its record, I get a "(Record not found)" message. I've tried disabling it through the table, deleting it from the table, and even creating a script and running a deletion script in Fix Script...
Hello Experts! Not sure I'm posting this on the correct forum, but here goes. Who has some experience with integrating ServiceNow with Entra? We use Entra as our SSO provider, and have been given a requirement to allow the help desk to send a user an...
Hi Everyone, I am looking for some guidance on the best practices and most effective use cases for implementing Vulnerability Response notifications. I understand that triggering notifications for every VIT (Vulnerable Item) creation or assignment is...
Hi there, I am trying to explore the configs for USEM workspace and have been having a hard time creating a new remediation task rule where the issue I am facing is the save button staying greyed out. I'd like to know if this is a common issue or hav...
Does anyone have any ideas on how to run a Threat Lookup, or even better to automate the process, from the Security Case > Case Artifacts > Observables? In the attached screenshot, you'll see that running a threat lookup is not an option from the Act...
Hi Everyone, We are building a custom integration for Vulnerability Response to ingest vulnerability findings from a scanner for which no out-of-box connector is available. Looking for guidance on the best implementation approach, including data inge...
Hello,We are currently exploring the possibility of integrating Joe Sandbox with ServiceNow Security Incident Response (SIR).Has anyone implemented this integration before, and could you share some guidance on how to set it up?Does ServiceNow provide...