SecOps forum

DLP Incident

How to create a DLP incident in ServiceNow Secops SIR

In SecOps implementation and I got an opportunity to configure a new Playbook in the Security Incident Response.What are the best practices need follow?What are the prerequisites?How to implement a new Playbook for enriching the Security Incident Res...

Error: Invalid response code received from TenableSCAssetsIntegration: 403. Access denied.

Hi,Tenable integration jobs are failing due to "Error: Invalid response code received from TenableSCAssetsIntegration: 403. Access denied." Any idea why? Thanks

Can we manually create a vulnerability?

Is it possible to create a vulnerability manually through the UI? Not a VIT, rather an entry under "Libraries" in either NVD, CWE or third-party? Not seeing a "NEW" button out-of-the-box, or in any of the other Libraries for that matter. This is with...

I want to update the value of the repair target when the risk score of the Vulnerable Items

In Vulnerability Management, when the severity and risk score of vulnerability information imported from third parties changes, we would like to re-set the value of the remediation target. We are aware that we need to customize the “_setRemediationRu...

About Integrating with Multiple Microsoft Teams Tenants

ServiceNow for Microsoft Teams is used to build ServiceNow and Microsoft Teams integration. OOTB recognizes that ServiceNow instances and Teams tenants can be integrated in a 1:1 relationship.Is there a way to integrate one instance of ServiceNow wit...

Risk reduction in classic UI

Hey everyone, Not sure if someone is facing similar situation. I would like to see risk reduction "exception" in classic UI. Why? Reason is very simple. Not all our teams are working in workspaces. Actually only few are and there's the problem. Teams...

Resolved! Risk Score Configuration in security incident

Hi All, Can anyone let me know how the risk scores are calculated for security incidents? is it only depends on Business impact and priority? What are the different types in risk score configuration? How do we calculate Users business impact,vulnerab...

tenable.sc integration with ServiceNow, looking for only ITSM configuration without Assets sync

I am looking for only ITSM configuration from Tenable Security Center (tenable.sc) product without syncing Assets to ServiceNow.The document provided by tenable is not very much clear to configure only ITSM with ServiceNow, can someone help with a gu...

Vulnerability Response: Vulnerable Items have the CI listed as undefined for Tenable.io

Hello,I am currently working on the Tenable.io integration and have encountered an issue where the Vulnerable Items are showing the CI as Undefined. I'm unsure about the next steps or the actions required to resolve this.Please see the attached image...

Modify 'Other Records' tab Security Incident Response Workspace

My goals is to allow analysts to link multiple incidents to an sn_si_incident record. I have thought of a number of ways to do this, but I'm coming to a dead-end. My options seem to be: - Modify the UI action in Other records on a sn_si_incident wit...

Remediation Target date for Vulnerable items are not getting calculated

Remediation Target date for Vulnerable items are not getting calculated. When vul item is recalculated via Vulnerable calculator, then post recalculations remediation target is not getting updated (Ideally it should). Anyone faced similar challenge ...

SIR persona and role attribution

Hi All, This is a challenge I've faced frequently when implement SIR for a customer and I was wondering if there are any 'easier' solutions than messing around with ACLs to achieve it:- Simply put, the SIR OOTB provides for these roles: CISO / Manage...

Tenable Integration

Hi All, We are doing the configuration for the 'Vulnerability Response Integration with Tenable'. We have managed to make the data come to SN, but the process part is either erroring or ignoring the data. I manage to see that: The data is being ignor...

I'm not able to see native UI action button(create security incident ) in vulnerability workspace.

In native UI of vulnerability response I'm able to see create security incident button but in workspace I'm not able to find that button. how can I configure that ?

Forum Posts

DLP Incident

Security incident playbook

Error: Invalid response code received from TenableSCAssetsIntegration: 403. Access denied.

Can we manually create a vulnerability?

I want to update the value of the repair target when the risk score of the Vulnerable Items

About Integrating with Multiple Microsoft Teams Tenants

Risk reduction in classic UI

Resolved! Risk Score Configuration in security incident

tenable.sc integration with ServiceNow, looking for only ITSM configuration without Assets sync

Vulnerability Response: Vulnerable Items have the CI listed as undefined for Tenable.io

Modify 'Other Records' tab Security Incident Response Workspace

Remediation Target date for Vulnerable items are not getting calculated

SIR persona and role attribution

Tenable Integration

I'm not able to see native UI action button(create security incident ) in vulnerability workspace.

Execution configuration

Help us improve your ServiceNow experience! Partic...

Microsoft TVM Machine Vulnerabilities Integration ...

Recommendation name is empty

Pause remediation Target Rule when VIT In In-revi...

Configuration Compliance:Can not manually close te...

Vulnerable Items (VITs) default state set to Defer...

Process Vulnerability Solution Metrics Queue - Cha...

How to resolve Form Sections duplication while mov...

European Union Vulnerability Database EUVD Integra...

Task 1: Create and Configure Security Groups (Cont...

Zscaler (ZWA) Integration with ServiceNow – Defaul...

How to modify order of columns in Prioritization t...

how to configure vulnerability response to auto cl...

Zero day Vulnerability - Best Practice