SecOps forum

VR data migration between two instances

Hello community, What is the recommendation to migrate VR data between two instances, especially Remediation Tasks that are not under open state (under investigation as an example)? Thank you in advance.

Can discovered item record gets changed on a vulnerability ?

I want to understand that can a discovered item record that is already attached to vulnerable item be changed with a different discovered item , If yes then what can be the reason for discovered item to get update , OR is it like once Discovered item...

Resolved! Filter PA Scorecard on a breakdown, and honor the Target for the indicator

Hi folks,I have modified my first PA List widget with a Scorecard visualization, and I am struggling with a couple things on it. Hoping somebody can direct me with pointers to get what I'd like or at least to the right documents that explain it. I ...

Third-party entry in vulnerability response

There are list of third-party entry records pulled from tenable as scanner but could not able to find any vulnerable items related to those third-party entry records. since third-party records will be populated only if a vulnerability is found in the...

Resolved! SecOps VR - Exception request date future/format error

Hi,As a fairly inexperienced developer I'm struggling with solving a reported incident with our Vulnerability Response implementation. Hopefully the community likes to support me with this. Last January 2024 an issue was first reported with requestin...

Resolved! Unable to request exception on remediation task

Hi All, When I click on the "Request exception" after updating the mandatory fields and when I try to submit for request approval I am getting the below error. The date is populated by the calendar automatically. Even though the format is correct it ...

Email Routing Rule: Forward email to servicenow to create an incident

Hello all, Our users report phish emails which then go to a specific email address. How can we set up forwarding from that email address to servicenow to auto create incidents? Thanks

SIR - Anyone running MSIM and an alternate SOAR with a SOC that has about 25 FTEs

Hoping to find a community member with that footprint who'd be willing to speak with another customer.

Security incident response

Created one new custom role and created new Read ACL and added role Gave role to a user impersonated user not able to view sir record.

Vulnerability Management for On-Prem Instance

Hi All! I am wondering how vulnerability management could work on an on-prem servicenow environment. Specifically will integrations of third party scanners such as the Tenable or Splunk integrations be usable when interacting with an on prem servicen...

Remediation target date is not getting updated for existing VITs record

Hi All, We have created one new Remediation target rule, but it is getting applied to the new records not for the existing ones. Also, executed the scheduled job for it, but still the target date is not getting updated. Remediation target rule: V...

Tenable.sc with ServiceNow Plugin output

plugin outputWe have successfully integrated Tenable.sc with ServiceNow (Utha) for Vulnerability Response and are looking for supplemental information that we see in Tenable, but it is not included through the integration/API or haven't been able to ...

Vulnerability Response with Domain Separation

Hello all,I'm working with a client that has domain separation in their instance. They're going to start using the Vulnerability Response application, and their CIs are already domain separated so I believe it makes sense to have the vulnerable items...

Linking runbooks with security incidents

Hi, I am trying to link a runbook with incidents and incident response tasks by adding a filter condition.(Incident description contains phishing) (Screenshot attached)But this does not reflect when a new phishing incident is created or in any existi...

preceding vulneability vulnerable items are not getting closed automatically

Hi All, We are facing an issue with preceding and superseded vulnerabilities in ServiceNow. We have modified the "filter_superseded_qids" parameter in the "Qualys Host Detection - Standard rest message to filter and bring only the superseded vulnera...

Forum Posts

VR data migration between two instances

Can discovered item record gets changed on a vulnerability ?

Resolved! Filter PA Scorecard on a breakdown, and honor the Target for the indicator

Third-party entry in vulnerability response

Resolved! SecOps VR - Exception request date future/format error

Resolved! Unable to request exception on remediation task

Email Routing Rule: Forward email to servicenow to create an incident

SIR - Anyone running MSIM and an alternate SOAR with a SOC that has about 25 FTEs

Security incident response

Vulnerability Management for On-Prem Instance

Remediation target date is not getting updated for existing VITs record

Tenable.sc with ServiceNow Plugin output

Vulnerability Response with Domain Separation

Linking runbooks with security incidents

preceding vulneability vulnerable items are not getting closed automatically

Flow is throwing an error while creating a record ...

Vulnerable item Rescan functionality not showing r...

Tenable.io authentication

VR Remediation task duplicate record

Recalculation of Remediation Target Date when a Ri...

Ref info button is not working for CVITs table

Clarification on CIS–Vulnerability Response Exam V...

"ACL Exception Insert Failed due to security const...

Question about July 31 Transition for Wiz Built St...

CI Lookup Rule - Auto promote on certain classes

Not able to install VR plugin in PDI

How to create reports for MTTR, TTR and Total time...

How can I add multiple CIs to the Security Inciden...

'Public Exploit' field in Vulnerability

Matched Discovered Items have empty 'Matching type...