Vulnerability Response
Requesting you to kindly share the implementation checklist for Vulnerability Response module?
Forum Posts
Updating ServiceNow ticket using Splunk SOAR - problem with list field
I am trying to update an incident ticket automatically. One of the fields (u_vendor) is a list, not a simple string value, and it's not updating properly. This is the json that I am sending: {"state":"-5","u_on_hold_type":"awaiting_vendor","u_vendo...
re-open remediation task can be be modified by remediation task rules?
Hi All, I have a query related to remediation task rules. Normally when we run the remediation task rules it delete the open remediation task and re-create it. Now, the query arises: If a vulnerability analyst addresses a remediation task and marks i...
Resolved! Report and Dashboard
Hi All,Hope you are doing well,Could you please let me know if we can find a list of reports included in each dashboard?Best Regards,Anna@Tai Vu
Automatic closure of child security incidents / group security incidents
Hi, We are looking into a solution to automatically close the child security incidents when the parent security incident is already closed. We would be expecting that the child security incidents will also be closed, but currently this is not the cas...
Tenable ITSM incident rules are not triggering when vulnerability occurs in servicenow
I've created incident rules in ServiceNow to automatically generate incidents when Tenable vulnerabilities are detected. However, the rules don't seem to be triggering incidents even though the vulnerabilities are showing up correctly in ServiceNow. ...
Resolved! Custom Qualys Integration
Hi folks!Is there anybody out there that might be able to simplify an explanation, point to a more distinct document or KB article that explains the linkages of the Integration to the source integration, to the source integration, the integration par...
SIR -- Share incident with Assignment group
Hello,In the ServiceNow Security Incident Response module, is there a way add an assignment group for privileged access. Currently, there is the ability to add users one at a time to grant them access to a ticket, but this a tedious process, is there...
Exception Rule: Execute on existing data functionality is not working
Hi,We have configured an exception rule as shown below and checked "Execute on existing data".But the VIs which were created before 3/28 were not deferred and the VIs created after 3/28 are getting deferred. The scheduled job 'Associate existing VIs ...
Auto-Stale Detection Testing
Hello , I want to know how to test auto-Stale detection and Auto Delete rules feature in Vulnerability Response in Dev Instance . Please explain in brief .
Resolved! Unable to create SLA definition for Security Request (sn_si_request) table
Hi all, Due to this thread not being able to resolve my problem, I was advised to create a new thread entirely. So if it helps, here it is. The problem: I'm in the Security Incident Response scope trying to create an SLA (OLA actually) definition fo...
VR - Product Enhancement Ideas
Hello everyone, Trying to raise visibility of some Ideas I have recently submitted to the Idea portal to enhance VR & VR Scanner Integration capabilities. VR - False Positive RulesCurrently we have the capability to define "exception" rules to auto-d...
How to remove Recorded Future Integration with Servicenow.
Hi, Can anyone let me know the steps to remove Recorded Future Integration with ServiceNow no longer needed. Thanks.
New UI (security analyst workspace) why does pinning a related list only save for that incident?
Hi,We are currently still using the New UI for security incidents. We got a requirement to add a certain relationship to the overview section. As far as I know (please correct me if I am wrong) this cannot be configured.. So I did add it to the explo...
Resolved! Email Client Template
Hello I am trying to configure email client templates . I have created 4 templates related to Security incident table . But when i am clicking on email option i am unable to see the below option to select a dedicated email template . How to unable th...
