We are ingesting Qualys test results from multiple Qualys instance... let's refer to them as Qualys A and Qualys B. Each Qualys instance has different policies and ingesting test results from each instance results in policies being recorded in the sn...
Hi,How to change the default tab for Security Incident Response workspace?When I open a security incident from workspace, the tab defaults to 'Overview'. Instead it should be defaulted to 'Details' tab when users open the record. Please assist.
I am aware of the 'Reapply Remediation Task Rule' option from a remediation task rule, however the fact that this deletes all VUL's that are open and then recreates new ones is not an ideal solution. I created a new assignment rule, and also changed ...
Hello,I'm looking for additional information about following 3 properties:1. sn_sec_cmn.filterOutDecommissionedCIMy understanding is that if we have this property enabled, ServiceNow will not mach an vulnerability to retired CI, instead it will creat...
Some of the vulnerability items in vulnerability response module of snow are not assigned to any assignment groupFor example, A configuration item has various VITs created with different QIDs, Some are assigned to respective group., some are left una...
Hello, I need to update the push notifications that are sending when an Onboarding Journey and LE are initiated.I just need to update the push notifications to only send for some activities when launched. Also a need to deactivate push notifications ...
Hi Community,I have an issue that i'm wondering if anyone else has seen.ScenarioA server that has multiple network adapters and ip addresses, say a cluster node.CI has both IP's listed in ServiceNow CMDBTenable scans both IP addresses and records the...
Hey The OOTB notifications aren't getting triggered for SIR. All the events are triggering sir.request.changed event for Security Incident update notification. When I create an incident the sir.incident.email.creation event should get triggered but i...
I am working to implement Tenable.io with Vulnerability Response. We are normally filtering out vulnerabilities that are medium-severity or below. However, a new requirement popped up for us to also import medium-severity vulnerabilities, only if t...
When creating manual AVIT records, if an Ethical Hacker creates a new AVIT, even an App-Sec manager cannot edit that record. This works the other way around too. Is this by design? Even members of the same role cannot edit records that other members ...
Hi Team, Currently working with a customer for SecOps VR implementation. SIR is not implemented and not a purchased mdule as of now. The Vulnerability scanner details shared are as below along with the available integrations.1. Trend Micro - Incident...
Scenario 1:On the Remediation task need to create a UI action button , on click of UI action 2 buttons (ok,cancel) should be visible. On click of Ok, it should chnage a substate field value .Scenario 2:In the Ui page few fields of records should be p...
Hello, I would like to use a script rule to calculate risk ratings for VITs. Does someone has an example of a script to get me started? I'm not sure how the function should look like and which objects are available and what to return.
Hello here, After last upgrade of SIR we are facing issues with attachments preview in activity log. If I drag and drop to record, all is working fine. Using upload attachment functionality is not generating image preview. Not really sure what happen...
Hello,Is there any way to process the records from a table batch wise in a flow or a subflow?In my case I have a flow which is internally calling a subflow in which I need to fetch the records from a table e.g. "sn_si_incident" and in one go I should...
