Hi Community, I would like to know if ServiceNow is using any third-party encryption keys? If yes, I am interested to know what controls are implemented to handle the risks associated with those third-party encryption keys. Any feedback is much appr...
hi anyone worked on the below one. I need some guidanceCreating OAuth 2.0 credentials for GitHub Apps - JWT for the GitHub Application Vulnerability Integration
hi anyone worked on the below one. I need some guidanceCreating OAuth 2.0 credentials for GitHub Apps - JWT for the GitHub Application Vulnerability Integration
I added an exception rule and chose "execute on existing data" . After approval there is an RT created with Deferral State but the VIT are not getting added to this RT. Is this a scheduled job that needs to be run?
Hi, I am still fairly new to the VR space, and I know that you can manually split VUL by selecting VIT's but is it possible to write a script that would automate splitting a particular VUL task and then submit an exception for this newly split VUL?
Hi All, Recently we upgraded the vulnerability response plugin, after that plugin upgradation we are getting the Risk score related work notes like belowAnd this functionality is configured in one of the OOB script include 'VulnerabilityCalculatorCom...
Has anybody implemented the new Rapid7 to ServiceNow api? Run into any issues? Any suggestions? best practices? Any documentation? thanks in advance!
We have a SecOps subscription for VR module where licenses are tracked based on device count. We have also got table subscription under this scope - 5 tables. Now we are planning to use these tables for managing the risk registers, risk acceptance a...
Hello All,I have created a new background job configuration in sn_sec_cmn_background_job_configuration in this table using the logic written in other backgroup job config(i.e OOB) Can anyone suggest me how I run this background job as I'm not able fi...
In Vulnerability Response, we have an auto-close configuration set to close stale detections based on 'Detections last found' value being found 30 days ago. The option allows you to set only one value that applies across all detections. We're happy w...
Hi,Users with Security Analyst role are not able to change assignment groups on security incidents. Is this expected behavior or should something be changed for them to edit the assignment group?I have checked ACLs and don't see any issues over there...
What tools and techniques can be used for effective root cause analysis?
We have Rapid7 vulnerabilities integrated into VR. In the Vulnerable Item detection table (sn_vul_detection) there is a 'confirmed' column with boolean (True/False) values. What does this mean and where is there value coming from ?
When manually ingesting vulnerabilities from manual ingestion template, the current out-of-the-box configuration assigns a single summary to each Vulnerability ID, stored in the third-party table (sn_vul_third_party_entry). This summary is then appli...
What is the [sn_vul_rememdation_task] table?I am trying to better understand Remediation Task functionality in Tokyo Vulnerability Response. I understand Vulnerability Groups are now relabeled as Remediation Taskshttps://docs.servicenow.com/bundle/s...
