Hello all we are setting up the MS exchange online integration to enable search and delete of emails but after running through all the SNOW documentation when we hit validate for the connection the state of the validate certificate authentication sta...
MSIM workspace has a tab called "Collaboration" once you open a major security incident. On this tab I can not get the SharePoint library to display despite having configured it correctly. If I open the workspace in UI Building, this section has a de...
We are running two integration instances in our environment, one for Qualys Vulnerability Response and one for Qualys Configuration Compliance. Below are the jobs running for Qualys VR and Qualys CC. We started seeing duplicate VITs in our production...
In the Security Incidents application. I’m looking for a technique on how to restrict access to the records. A user who is currently login can see and edit only records that he assigned to.
What does the "Mark Deprecated" UI Action do on the Test Group (formerly Policy) form? The UI Action is present on both "Active" and "Inactive" Test Groups. Does this UI Action just deactivate the Test Group or is this another action?
Within our integration of Qualys and Qualys SCA into Vulnerability Response and Configuration Compliance, we are experiencing some VIT duplications that correspond with the starting of Configuration Compliance jobs starting. Since Qualys uses the sam...
Thoughts on the following configuration for incident and problem handling. The tool has been configured so that a major incident can be placed on hold Pending Problem. When you link an Incident to a Problem and set this status, the cause and fix info...
Hi,Our team is looking for an option to reopen a Security Incident which is in closed state. Currently once you close the Security incident you cant reopen or edit any fields. Basically team is looking for an option to edit fields on a security inci...
In Multi-factor Authentication (MFA), User should Download and install any one of the Authenticator Application for first time. From next login onwards they can use the Authenticator Application or request a verification to be sent via email by click...
Is it possible to customize the Security Incident New UI? Changing form fields or form layout?
Hello Everyone, One of customer do not have Secops module in place and not planning to have it either.However we are being requested to integrate the Rapid7, Carbon Black and Varoins with ServiceNow in order to have events sent to ServiceNow and then...
Hi all ,I wanted to try task intelligence for ITSM in my PDI but the required number of incidents needed are 10k.so is there any way I can create or get some demo incidents data.Thanks,
glide.security.url.whitelist - created this system property (snapshot attached) to check its nature of operation but turned out as a fail. When logout from the admin user or a newly created user from the PDI, its not working as expected (enforces val...
Hey all-we have a working Splunk ES integration configured previously by ServiceNow implementers- but the 'source' field is currently populating to the SNow form default of 'phone', and the secops folks want it adjusted to SIEM. instead of changing ...
