Hi All, Facing an issue with DLP incidents. When we close the DLP incidents the "assign to" field value gets cleared automatically. Also, sometimes the end user field value gets cleared when the incident moves to close state.Can anyone let me know th...
Hello,we currently have the idea of automatically creating multiple Vulnerable Items from a single vulnerability finding on a single device. The background of this idea is that we want to import the vulnerability findings of our pooled VDI environmen...
Replacing Asset_ID with to cmdb_ci in detection key has significantly lowered the number of vulnerable items imported. We have a tenable.sc scanner integration. We change the detection key from the out of the box detection key that included Asset_ID...
Hi All, I am facing issue with Tenable.sc integration.Getting below error when i try to execute the integration.Caught error while retrieving data, integration process VINTPRC00com.snc.automation_common.integration.exceptions.EncryptionException: Exc...
We have an issue where when a Playbook starts it is running a flow to generate the Security Incident Tasks. When using Admin, the playbook shows the tasks just fine in the Security Incident Response workspace. However, when a non-admin person creates...
Hello Community, Can you please help with ideal page load size when downloading Qualys data
Hi SN Community members. ASK from IT Security manager within our org - In SN PROD instance, if it is possible that 'security approval can be obtained (via automated workflows or manually) so that we know about changes in privileged groups and we can ...
Payload EncryptionI need some insights regarding payload encryption during data transactions. Specifically, when we retrieve values from one data source in ServiceNow and transfer them to another in 3rd party application, I need to encrypt the payloa...
Hello SecOps Friends, I hope you're all doing well! I wanted to share something interesting I recently learned and would love to hear your thoughts on it. In a project I was working on related to Vulnerability Response, I chatted with a ServiceNow em...
Hi guys,I installed the OpsGenie plugin to integrate with the client's Jira. Looking at all the settings that the module configures during installation, I noticed that the notes are focused on the incident table. By opening a ticket in ServiceNow in ...
Hi, We have a expired exception rule and need to extend it for few more months, but every detail on the form is greyed out and don't see 'Request Excpetion' button on expired rule. Please advise.
HiI am working on a request to modify how the work notes are copied from the response task to the Security Incident. We want to include the Short Description from the response task in the work notes. I see that this is configured in the SIR administr...
Hello I'm looking to do a custom integration with Splunk SOAR, as there is NO available add-on for SIR integration with Splunk SOAR. Can anyone tell if doing a custom bi-directly integration between SIR and Splunk SOAR requires any special license en...
Application module field in Application Vulnerable Item table not populating values for all records. What is the reason for it ?
Hi, The title may not be representative of what should necessarily be occurring but it's what I feel should occur based on the behavior. Has anyone seen an issue in which a VIT is reopened months or even a year after it was originally resolved, in wh...
