sn_si_incident contain 26 million records and potentially looping automation which is slowing down the test environment. Investigate potential root cause to stop this from occuring. Please let me know the resolution of same
Hi, We're looking to see if there's a way to execute the "Associate MITRE ATT&CK Technique" action through the ServiceNow API? We have SIRs that are automatically created and we have the MITRE ATT&CK info from another source, and right now we are man...
We want to limit users with the impersonate role (which includes admins and certain non-admins) from accessing sensitive data in VR and/or SIR applications when impersonating other users. Use Case:A remediation owner is assigned a critical, exploitab...
Hi,Please let me know the table name of Playbook (PAD) where its work notes are stored. Looking forward for quick resolution regarding the same. Thanks in Advance
As per the requirement, I have to create a report which comprises of Integration Error logs so that I would be able to create a report for the Failed or Cancelled Integration logs like Integration that done using CrowdStrike API so that I can show th...
Hello, We want to hide some of the Reason choices within Vulnerability Manager workspace. Is anyone aware of how to achieve this? It is easy to do this in classic UI but not sure how to do this in the workspace views.Any quick help would be highly ap...
Hi Everyone, I am looking for details around the difference between TI Case Management vs TISC Case Management. Below are the questions I have1.What is the significance difference between TI case management VS TISC case management.2.What is the enhan...
I created an exception rule that defers VIs with low risk score. Exception rule works correctly when VI is created. But in case the Risk score increases the Exception rules do not reopen the deferred VIs. Is that an expected behaviour? If yes, what w...
SeqOps-VR's function is to capture vulnerability information from third-party vulnerability scanners, such as the National Vulnerability Database (NVD) and Rapid7, and generate Vulnerability Items (VI). In this case, is it possible to use a series of...
Hi there, I'm currently looking into Threat Intelligence and the integration capabilities, such as Enrich observables, Threat lookup etc... In the product documentation I see: 'Each integration capability persists in the Integration Capability [sn_se...
Hello! I'm working on custom integration with 3rd party scanner and from what I read on docs, all 3rd party scanners have their detection key specified. How can I configure a new detection key for my custom integration? Thanks,
Hi, I'm working on the custom scripted REST API for VR module. We create detections and VIT out of data send from 3rd party scanner data. Since no plugin is involved and we create this api from scratch, could you please explain the lifecycle of the ...
Hi! I'm going through the Vulnerability Response module and I'm trying to understand nuances of NVD and CWE integrations. I have a case of some github related vulnerabilities that match CWE-540 (inclusion of sensitive information in source code), ho...
We are facing an issue where multiple remediation tasks are getting created automatically for VITs and AVITs. Triggers are many - - closure of a VUL/AVUL record - rejection of an exception record - reopening of a VUL/AVUL record- marking of false pos...
I have a requirement to activate Auto-Closure of stale vulnerable items. The client wants to keep the OOB configuration for the 3 rules and turn them active. I want to test the Stale auto closuire by triggering the Scheduled Job "Auto-Close Stale Det...
