SecOps forum

Security Integration

I want to add manually a new item in servicenow Security integration item dashboard. How can i do that in my personal servicenow instance?

Resolved! SIR Workspace Plugin

Hi all, I am trying to install the Security Incident Response Workspace plugin in my instance. I first installed all the dependent plugins, and when I proceeded to install the Security Incident Response Workspace plugin, I could not find it in the Pl...

Microsoft Defender Endpoint and Microsoft Exchange for Office plugins

Hello! I have been using the Microsoft Defender Endpoint plugin for the Security Incident Response application, I am using it to create IoC in the MDE.My question was if there is a way to change the status of the alerts that the MDE generates automat...

Tenable.sc can be integrated with Servicenow configuration compliance application

Is tenable.sc can be integrated with Servicenow configuration compliance application, if there are any custom integration doc regarding this would be helpful?

ServiceNow VR integration with Qualys, error 400

Hello ServiceNow Community! I am doing an integration of ServiceNow VR with Qualys, and encountered an issue where KB import works fine, but Host import fails with error 400 (Bad Request).We've dug through all the logs we could find, but the most des...

Resolved! "Qualys Core" plugin VS "Qualys Integration for Security Operations" plugin

Hi Everyone, Greetings, While exploring the plugins available in the ServiceNow store concerning the vulnerability response application, I came across another plugin called "Qualys Core" that appears quite similar to "Qualys Integration for Security ...

Resolved! Changes in Qualys not reflected in ServiceNow - Asset Groups and Scanner Appliances

Hello All We are receiving some errors on Rescan attempts from ServiceNow, for just some specific IPs. Error code: 999. A virtual or physical scanner appliance is needed As a result of the error message, we have mapped some specific asset groups that...

Resolved! Can we have Remediation Task Rules created for Application Vulnerability Response?

Hi Everyone, Can we have Remediation Task Rules created for Application Vulnerability Response? Please clarify. Thanks

Remediation target not set properly for vulnerable item and remediation task record.

Step 1: The scheduled job “Evaluate remediation targets” will run daily at 7am EST. It will trigger the remediation targets rule and update the “Remediation Target” Date field, based on the “last_opened” as Sec common system.Step 2: After that, Backg...

Resolved! Is there some changes to itil role?

Hello experts,I encountered this behavior but I am not sure if this is changes in Washington Version.For both Utah and Vancouver version (based on PDI test), there is no added role for survey_reader when the itil role is added to a user. But in the W...

Trigger Pop up message on Security Incident Closure in SIR Workspace

There is a pop-up message as shown in the attached screenshot that is triggered when the state of the security incident is changed to closed in the Security Incident Response Workspace. I need to modify the trigger condition for this message. However...

Remediation Task Rules

Hello Team,I am working on a VR implementation and If I want to assign all VULs to one group, Is it better to use the User Group option to assign to a static group? I created an assignment rule to assign all the VITs to the one group, but when runnin...

Resolved! how to insert a record from back ground script through JSON format?

I need to insert a record in Incident table through JSON format can anyone help to let it happen??

Can we specify and enforce custom rules in ECC firewall with out Vault product?

Vault product documentation and setting up code signing has a documentation around modifying boot-config.yaml file to allow or reject incoming messages. Does this only work if Vault plugins are activated? Product docs here - https://docs.servicenow.c...

Resolved! Security Tickets

Is it possible to lock down an individual security incident ticket to the assignee and their manager to view and edit only? For example, if we had a checkbox to tick as "confidential", it would then lock it down to just the assignee and manager to vi...

Forum Posts

Security Integration

Resolved! SIR Workspace Plugin

Microsoft Defender Endpoint and Microsoft Exchange for Office plugins

Tenable.sc can be integrated with Servicenow configuration compliance application

ServiceNow VR integration with Qualys, error 400

Resolved! "Qualys Core" plugin VS "Qualys Integration for Security Operations" plugin

Resolved! Changes in Qualys not reflected in ServiceNow - Asset Groups and Scanner Appliances

Resolved! Can we have Remediation Task Rules created for Application Vulnerability Response?

Remediation target not set properly for vulnerable item and remediation task record.

Resolved! Is there some changes to itil role?

Trigger Pop up message on Security Incident Closure in SIR Workspace

Remediation Task Rules

Resolved! how to insert a record from back ground script through JSON format?

Can we specify and enforce custom rules in ECC firewall with out Vault product?

Resolved! Security Tickets

Does anyone know where to find the documentation f...

Where is the documentation for the Integration Ins...

Make vulnerable items untraceable in non-prod envi...

Not getting Approval in Policy & Compliance Manage...

ServiceNow and CrowdStrike VR Integration

What is the impact in Vulnerability Response of le...

Custom Table when pulled as a related list, 'Edit'...

Any way to see what Vulnerability Calculator was u...

WatchDog for monitoring long running transactions

please provide the processof major incident manage...

Vulnerability Response - how is table related serv...

SOLVED: How to recalculate Risk Rating for Remedia...

Vul Response Risk Score being updated to 0 when al...

Can we switch from ci lookup rule to IRE for CI id...

need some inputs on how to hide catalogs on basis ...