Hi All, When a Policy Exception expires, the related Vulnerable Item reopens along with associated Remediation Task. But my requirement is to keep the associated Remediation Task closed when Policy Exception expires. How to achieve this? Thanks!
Hello, I need to send ServiceNow's system & audit logs to a Azure Sentinel. What is the best approach?From the documentation (Log Export Service (LES) (servicenow.com)) it would seem to be to use Kafka cloud-to-cloud (at least for Splunk) but I can f...
My use case is that I have to restrict record visibility on Response Task(sn_si_task). If my response task share common parent i.e SIR (sn_si_incident)then only make tasks visible to logged user who is also Assigned to user of the Response TasksFo...
Hello!Is there a role or ACL that provides create/edit/read/delete rights on the table of content items, but not on catalog items at the same time? I am aware of the catalog_editor, catalog_manager and catalog_admin, none of these match the purpose. ...
Hello Everyone, I have a question regarding the "Import Since" field in the host detection integration on vulnerability response application. From the documentation, it seems that we can specify a date to import historical vulnerability information. ...
Turn off the Next Experience welcome screen after upgrading your instance
Hello experts,While browsing and investigating on the security hardening settings, it seems that the 'Restrict Permissions for CMDB Model' security center hardening is compliant even though there is nothing configured to it. See below:When I also ver...
I created an ACL on the sys_history_set table to allow users on our customer service team to have access for troubleshooting purposes. I created the ACL, along with updating the system property, adding a new role to be able to see the table. It initi...
Hello experts, When checking on the hardening settings, I encountered this property glide.ui.url.external.content. When checking on that property it is described by this:"Enable Connect to retrieve external link metadata in order to render richer con...
How can we show which of the ACL’s are used in system by the users?Is there a report that ServiceNow provides or need to be created manually?If the report needs to be created manually, what tables can we go to see the data for ACL usage by users?
We are in the process of initiating the Qualys integration to ServiceNow.What is the best practice approach to limit, or filter, income vulnerabilities based on Qualys attribute called "Os Category" which is equal to "server".In other words, lets say...
we are currently integrating our SIR with SIEM and we would like to utilize Defender for endpoint key features - Isolate host, Remove isolation, Restrict app execution, Run antivirus scan, Remove app restriction, and Stop and quarantine file. But In...
Community, I've been studying for Security+ for a while, but then I learned that there is a cousin to it: the Cybersecurity Analyst (CySA+) cert. Which, IMO, aligns almost perfectly with ServiceNow's SecOps offerings. CySA+ maybe does not have the "s...
INTRODUCTION: “Securing Dreams: MITRE Meets ServiceNow” In the world of cybersecurity, I wear two hats: one labeled "ServiceNow Enthusiast” and the other “Cyber Defender.” My job isn’t just about paychecks; it’s about turning my passion into acti...
Does anyone have either documentation or knowledge of how to audit on a module by module bases the number of users that are licensed to use that module? I’m being asked to find this information and it seems a bit overwhelming. We’ve got a couple that...
