Hello Team, I need to integrate Splunk to ServiceNow incident ( ITSM) This integration should pull Splunk for certain alerts, to generate ITSM Incidents.This should handle automatically creating ITSM Incident based on alerts firing in Splunk. Pleas...
I have a requirement to add a UI Action (UX Form Action) that will display when viewing the Security Incident form and also another action on Security Request form (list has been added) in the Security Incident Response Workspace. Attempts to add eve...
I administer SIR and VR. To update the SIR app to a new version, sometimes there are dependent apps that also need updated, i.e. Security Support Common. Security Support Common (SSC) is also used by VR and according to the Compatibility Matrix KB (l...
Hi All, Can anyone explain how the Risk Score on Third-Party Vulnerability Entry (sn_vul_third_party_entry) or Vulnerability Entry (sn_vul_entry)is calculated? In my case, I have a tenable plugin with ID TEN-35291, and the risk score for this Vulnera...
Hi All, Can anyone explain how the Risk Score on Third-Party Vulnerability Entry (sn_vul_third_party_entry) or Vulnerability Entry (sn_vul_entry) is calculated? In my case, I have a tenable plugin with ID TEN-35291, and the risk score for this Vulner...
Is there a 2022 version or bridge letter for SOC2?
I have recently read up on a lot of documents and videos on proper VR configuration prior to production deployment. A lot of it had to do with a properly configured and established CMDB. Well, my organization setup VR before even starting to mature o...
Hi Exeprts, How to show vulnerable items by service/service offering.Thanks!
Hi Experts, How can I track licenses in SecOps for Security Incident and Vulnerability Response ? Under Subscription Management ==> Subscriptions I see 1000 devices but unable to understand the meaning for it. Can you please help me to understand ho...
Hi All, I'm configuring SIR for my customer, while imporsonating users to test ACLs, I have a user who is set to View : Security ITIL:I can switch him to all the other views, except Default view: Does anybody have any Idea where to look? I've check t...
Hi All, I am trying to connect MSIM with Microsoft Teams as per the steps provided in the attached Quick Setup guide. I followed the same steps and didn't get any errors during the setup. But unfortunately, I am getting the below error while testing....
Hi All,i need to know how to change the conditions of the filter in the homepage of security incident response workspace,as highlighted in the screenshot:i'd like the change a condition of "My Team's Work" and add another filter, if it's possible Tha...
Hi All, I am trying to set up the connection between Major Security Incident and Microsoft Sharepoint by following the attached Quick Start Guide but got stuck in one step (Page 6, Step 1 of 4.1). It mentions the below:You can either use a self-signe...
Hello, My company has a requirement to allow certain ip ranges and block all else. I added the ip ranges that are allowed in IP Address Access Control easily. The issue is how do I ensure all other ranges are blocked? It would be an exhaustive exerci...
