We've updated the ServiceNow Community Code of Conduct, adding guidelines around AI usage, professionalism, and content violations. Read more

SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! sn_si_incident contain 36 million records

sn_si_incident contain 26 million records and potentially looping automation which is slowing down the test environment. Investigate potential root cause to stop this from occuring. Please let me know the resolution of same

Resolved! Associate MITRE ATT&CK via ServiceNow API

Hi, We're looking to see if there's a way to execute the "Associate MITRE ATT&CK Technique" action through the ServiceNow API? We have SIRs that are automatically created and we have the MITRE ATT&CK info from another source, and right now we are man...

nopori by Tera Contributor
  • 2814 Views
  • 4 replies
  • 1 helpfuls

Regarding Playbook(PAD)

Hi,Please let me know the table name of Playbook (PAD) where its work notes are stored. Looking forward for quick resolution regarding the same. Thanks in Advance 

Resolved! Difference between TI Case Management vs TISC Case Management

Hi Everyone, I am looking for details around the difference between TI Case Management vs TISC Case Management. Below are the questions I have1.What is the significance difference between TI case management VS TISC case management.2.What is the enhan...

Venkatesh4 by Tera Expert
  • 1790 Views
  • 4 replies
  • 5 helpfuls

Resolved! Integration capabilities

Hi there, I'm currently looking into Threat Intelligence and the integration capabilities, such as Enrich observables, Threat lookup etc... In the product documentation I see: 'Each integration capability persists in the Integration Capability [sn_se...

Greg33 by Tera Guru
  • 1107 Views
  • 2 replies
  • 0 helpfuls

Vulnerability Response - how to create a new detection key?

Hello!  I'm working on custom integration with 3rd party scanner and from what I read on docs, all 3rd party scanners have their detection key specified. How can I configure a new detection key for my custom integration?  Thanks,

Joanna17 by Tera Contributor
  • 1137 Views
  • 3 replies
  • 1 helpfuls

Detection lifecycle - Detection states

Hi,  I'm working on the custom scripted REST API for VR module. We create detections and VIT out of data send from 3rd party scanner data. Since no plugin is involved and we create this api from scratch, could you please explain the lifecycle of the ...

Joanna17 by Tera Contributor
  • 658 Views
  • 1 replies
  • 0 helpfuls

Resolved! Vulnerability Response - no NVD match for CWE-540

Hi!  I'm going through the Vulnerability Response module and I'm trying to understand nuances of NVD and CWE integrations. I have a case of some github related vulnerabilities that match CWE-540 (inclusion of sensitive information in source code), ho...

Joanna17 by Tera Contributor
  • 2592 Views
  • 6 replies
  • 3 helpfuls

Issue to automatic remediation task creation

We are facing an issue where multiple remediation tasks are getting created automatically for VITs and AVITs. Triggers are many - - closure of a VUL/AVUL record - rejection of an exception record - reopening of a VUL/AVUL record- marking of false pos...

ankitadutta1_0-1732292294507.png

Stale Detection Closure (Auto-Close) for Vulnerable Items

I have a requirement to activate Auto-Closure of stale vulnerable items. The client wants to keep the OOB configuration for the 3 rules and turn them active. I want to test the Stale auto closuire by triggering the Scheduled Job "Auto-Close Stale Det...

LittbarskiA_0-1729655581974.png
LittbarskiA by Tera Contributor
  • 1923 Views
  • 1 replies
  • 0 helpfuls