How can I try ServiceNow Operations Security (OPSEC)
I have went to the https://developer.servicenow.com/dev.do and run the instance. What will be the next step?
Forum Posts
Can phishing catalog support .msg file type?
Hi All, Currently, the phishing catalog can process information only from .eml file types. Is there a possibility or option to enable support for .MSG file types as well? Has anyone implemented this before, or could you share any suggestions or guida...
I wanted to understand how secure notes work on SIR
Hello All, I wanted to understand how Secure notes work, as I could see that anyone with Sn_si.basic role can add the notes and then it is visible to evberyone. What is the use case and why it is needed ?
Vulnerable item detections with Empty/deleted Vulnerable Items
Hi All, I have integrated ServiceNow with Tenable.sc and have a list of vulnerable detections that don't have the Vulnerable Item field filled. It seems like, it was deleted. Can anyone suggest what the possible root cause could be? Regards,Maloy Ba...
Tenable.sc New Item vs Detections
I have run the Tenable.sc Open Vulnerabilities Integration and I noticed that the number of NEW DETECTIONS are not all imported to Vulnerable Items table.Any idea?
Vulnerability Response How do we get the data for Exploit exists, Skill Level, and attack vector
Hi All, Currently trying to setup Vulnerability Response. I have noticed that with all the integrations we have we are still missing vulnerability data like Exploit exists, Exploit attack vector and Exploit skill level. I have integrations setup with...
Exporting Security Center metrics
Is there a way to export the graphs/metrics from the Security Center app? For example, I'm looking for a way to schedule an email containing the 'Total Privileged Users' metric like once a week. Thank you
Consistently failing NIST NVD Unmapped CPE integration.
Hello Community, I am trying to run the NIST National Vulnerability Database Integration - API (Unmapped CPE) but it is failing with the error message 'Attempting retry with process VINTPRC00******. Error: Invalid response code received from NVD: 403...
Resolved! Changing the default risk score scale for risk ratings.
Hello, Does anyone know where I would go to adjust the risk score rating scale? Say if my employer want a risk score of 60 and above to be critical (just an example), where would I adjust the scale to say risk score 60-100 should = critical?
What is the use of security control list(Allow, deny & Watchlist) in TISC application
Hi Everyone, In the TISC application, under the Administration section, there is a "Security Control List" that includes three sub-sections: 1. Allow List, 2. Deny List, and 3. Watch List. I would like to understand the purpose of this section and th...
How to Specify Conditions in Vulnerability Calculation Rule Scripts
We would like to calculate the value of the [Risk score] column of Vulnerable Items[sn_vul_vulnerable_item] using the Vulnerability Calculator Rules[sn_vul_calculator].We want to calculate it.We would like to set the conditions and values in the [Whe...
Resolved! Assignment rules - multiple support groups
Hello!I have a tricky situation and not sure how to solve this. I have Vulnerable Items for servers (Windows and Linux), which it should be assigned to related CI Service support groups, this assignment rule I have, but there is also a condition, tha...
Crowdstrike Endpoint integration
Is any other way to filter the endpoint alerts that come in so that security incidents are only created for certain alert types besides altering the scripts? Are there alert rules or something we can configure to get this to work without updating the...
Resolved! Vulnerability Response Auto-Close rule getting error for no active integrations when running job.
Hello everyone, I am in the process of setting up an auto-close rule for stale vulnerable items in our VR module. I have the rule conditions looking for vulnerable item . last found is relative before 1 day ago. When I run the job "Auto-close Rule Pr...
Adding a custom risk rating for vulnerability calculator
Hello Everyone, I am attempting to create a custom risk rating score for our Vulnerability risk rule calculator. Does anyone know if this is possible? If so where would I go to add this?
