Exporting Security Center metrics
Is there a way to export the graphs/metrics from the Security Center app? For example, I'm looking for a way to schedule an email containing the 'Total Privileged Users' metric like once a week. Thank you
Forum Posts
Consistently failing NIST NVD Unmapped CPE integration.
Hello Community, I am trying to run the NIST National Vulnerability Database Integration - API (Unmapped CPE) but it is failing with the error message 'Attempting retry with process VINTPRC00******. Error: Invalid response code received from NVD: 403...
Resolved! Changing the default risk score scale for risk ratings.
Hello, Does anyone know where I would go to adjust the risk score rating scale? Say if my employer want a risk score of 60 and above to be critical (just an example), where would I adjust the scale to say risk score 60-100 should = critical?
What is the use of security control list(Allow, deny & Watchlist) in TISC application
Hi Everyone, In the TISC application, under the Administration section, there is a "Security Control List" that includes three sub-sections: 1. Allow List, 2. Deny List, and 3. Watch List. I would like to understand the purpose of this section and th...
How to Specify Conditions in Vulnerability Calculation Rule Scripts
We would like to calculate the value of the [Risk score] column of Vulnerable Items[sn_vul_vulnerable_item] using the Vulnerability Calculator Rules[sn_vul_calculator].We want to calculate it.We would like to set the conditions and values in the [Whe...
Resolved! Assignment rules - multiple support groups
Hello!I have a tricky situation and not sure how to solve this. I have Vulnerable Items for servers (Windows and Linux), which it should be assigned to related CI Service support groups, this assignment rule I have, but there is also a condition, tha...
Resolved! Vulnerability Response Auto-Close rule getting error for no active integrations when running job.
Hello everyone, I am in the process of setting up an auto-close rule for stale vulnerable items in our VR module. I have the rule conditions looking for vulnerable item . last found is relative before 1 day ago. When I run the job "Auto-close Rule Pr...
Adding a custom risk rating for vulnerability calculator
Hello Everyone, I am attempting to create a custom risk rating score for our Vulnerability risk rule calculator. Does anyone know if this is possible? If so where would I go to add this?
How to hide certain reason choices on the Request Exception UI Page popup?
Does anybody know how you can hide one of the reason choices on the popup for the Request Exceptions? We want to hide the Risk Accepted option. I scoured the review_request UI page and cannot figure it out. Thanks!
Vulnerability Assignment Based on Proof
Using the Qualys vulnerability scan integration (and I’m unsure if this is agnostic across scanners), we have certain vulnerabilities where the only data that discerns what team is responsible for remediation is the proof of the detection. Here ar...
How to create Yes/No outcome type in Flow Designer?
Hi there,I want to create an action with "Create Response Task set Incident state V1" so that analyst can answer certain questions.I configured the action in Flow Designer like this.But Yes/No question want show up in the New UI.What am I missing?
VIT assigned with wrong Assignment group
Hi Experts - I have an issue. I see two CIs in the CMDB with the same name, `WEBFE01`, but different classes: one is classified as a `Windows Server`, and the other as a `VMware Virtual Machine Instance`. The support group assigned to the `VMware Vir...
Best integration for VR - Rapid 7, Tenable, or Qualys
Hello!We are doing an RFP for a potential replacement of our Vulnerability Management Solution and may replace Rapid7 IVM with either Tenable.io or Qualys VMDR. We currently run VR with the Rapid 7 IVM API integrations and it works mostly well, but a...
Can the Notify integrations for SMS, Teams be used in Security Incident Response?
Customer wants to enable the SOC teams the ability to leverage the Notify integrations. The Notify apps say they can work with "task" data type, but does not specify SecOps data type compatibility. Has anyone heard of this being possible?
Unable to associate playbook to TISC case
Hi All, I created a simple TISC(Threat intelligence Security Center) playbook with just an update activity, but it doesn’t display a dedicated section or a button to add the playbook to a case, as it does in the Security Incident module. I’d like to ...
