This question has been asked before. I am not asking for a solution.Just wondering if the Re-open feature is there on the Security Incident Response (SIR) roadmap for Security Incidents? Trying to figure out if its worth developing or will be availab...
Hello, we have an issue where we had deleted several Remediation Tasks and it has left a large number of VIT's in an Under Investigation state. Because of that Assignment Rules will not apply to the VIT's. Is there a way to change the state of a VIT ...
Hi, Doing some testing on VR Solution Mgmt I was wanting to get the preferred solution to populate for our Vulnerabilities and VIT's.Looking at the documentation, they mention a system property sn_vul.latest_solutions_fieldDo we know what type of pro...
Hello, We are using Qualys Service Integration for VR (Qualys Integration for Security Operations: v12.1.1) I am looking at modifying the API to exclude non-running kernels and superseded patches. looking at this article, and Qualys API documentation...
Hi everyone,I am trying to build a report to show case the metrics definition (for example: Mean time to triage/acknowledge). I used the performance analytics to generate this report because we need to showcase the target value. The issue which is ha...
Hi all,We are implementing MITRE framework. We tried configuring auto extraction rule but they dont seem to be working. Has anybody implemented that or can share some insights. That will be really helpful @andy_ojha
Qualys web application scan has reported a Low vulnerability which was not synched with snow.We couldn't find any VIT record created for this vulnerability.Do we have any specific criteria to create VIT records
We want to create new field in CVIT form and import the details from OOB Prisma integration. So we want to use that field in assignment rules. So is there way to include that field mapping without touching the OOB script include. Any suggestions
How to Restrict Qualys Creating CI's in Unclassed Hardware, we have a requirement to partially stop creating the CI in Unclassed. is there a way to disable? Thanks in advanceRam
Requesting feedback to see if anyone has changed the IRE default for "Operation Status" (which is "Operational") for Vulnerability Response create CIs. 1) Qualys scans a server and detects a vulnerability.2) VIA the SN VR API we consume that vulnerab...
Hello, We just recently implemented the Vulnerability Response Module. When I issue a rescan from either the classic UI or the Vulnerability Manager or IT Remediation Owner workspace, I get an error: 403 - Please specify a valid Repository. Here is...
Hello experts,Did anyone of you have any experience on utilizing the any of the following properties (glide.integrations.active.session.life_span, glide.ui.active.session.life_span and glide.guest.active.session.life_span) ?I can see in their documen...
We have recently implemented the Vuln Response Module. I am trying to figure out how to only show active integrations when selecting the INSTANCE for a Rescan of a VIT (that is not closed). When I try to set the INSTANCE, I see my Tenable.SC integr...
Hi All, When I'm closing Vulnerable Item I have two option for closure:Wait for confirmation from next scan Close vulnerabilities now, reopen if found I need to know if I select any one of the 'Close Now?' options, in ServiceNow, in which field the ...
We are trying to integrate ServiceNow with Crowdstrike Falcon Endpoint for Security Incident but integration gets disabled each day or so. Integration works for sometime but then it fails. In logs we are receiving error that Rate Limit has increased...
