Hi, I'm working on the custom scripted REST API for VR module. We create detections and VIT out of data send from 3rd party scanner data. Since no plugin is involved and we create this api from scratch, could you please explain the lifecycle of the ...
Hi! I'm going through the Vulnerability Response module and I'm trying to understand nuances of NVD and CWE integrations. I have a case of some github related vulnerabilities that match CWE-540 (inclusion of sensitive information in source code), ho...
We are facing an issue where multiple remediation tasks are getting created automatically for VITs and AVITs. Triggers are many - - closure of a VUL/AVUL record - rejection of an exception record - reopening of a VUL/AVUL record- marking of false pos...
I have a requirement to activate Auto-Closure of stale vulnerable items. The client wants to keep the OOB configuration for the 3 rules and turn them active. I want to test the Stale auto closuire by triggering the Scheduled Job "Auto-Close Stale Det...
Hi Experts,Need some learning paths and references on vulnerability response application. I am checking product documentation available but looking for some other references with less content.Thanks in advance.
I am working on a client request to send notifications to different users, whenever the remediation target is missed on vulnerable items. I have my remediation target rule working, but I can't find a way of achieving this scenario. On day that target...
Hi, We have integrated Qualys Policy Compliance with Configuration Compliance. However, the weekly job/integration 'Qualys Comprehensive PC Results' shows a weekly successful run, but when we monitor the API calls in Qualys, it always shows that so...
Hi All,Can anyone please tell me when Remediation Task rules are triggered? I have created a few rules that group the vulnerable items per CI. Whenever the items are getting imported, the rules are not always triggered. Is there a scheduled job that ...
Every time I try to reapply the CI lookup rules in sub-PROD instances, I get the following Info message : "An integration run or proof granularity job is in progress. You can create a new job after it is complete." Is there any way that I can find ou...
Hello, we are using both NIST ... (CVE Only) and TVM Vulnerability(CVE) integration, they both update National Vulnerability Database Entries (sn_vul_nvd_entry). The NIST NVD integration is executed first and TVM later (in couple of hours). We see nu...
can someone pls help with Security Incident reponse high level process
Hello,I'm implementing the out-of-box (OOB) Fortify on Demand (FoD) integration through the ServiceNow Store App, and I need help with customizing the data retrieval process.Current Situation:The integration retrieves Fortify application and release ...
Hi All, Vulnerable item closed field is not populating the latest value when the VI record is reopened and closed multiple times.Please find the screenshot below. Can someone help me with where i need to make changes to resolve this issue?
Hi All, I am seeing a weird issue.I have 1 CI and for that CI, 27 Discovered Items have been created. Out of those 27, only 1 has VITs, and the rest others are empty. What could be the reason for these many Discovered Items? How to fix this issue? ...
Hi all - I see nearly 30K are under this incomplete IP-identified devices class and the source of these is from "Rapid7". I I tried to compare the Rapid7 range and discovery schedules. but I am unable to move forward on this,. I am trying to under...
