Resolved! Servicenow SecOps
Hello Everyone, Could someone please provide the secOps module interview questions? Thanks,Khaleed.
Forum Posts
Resolved! Does sn_vul.exception_approver role require any kind of license?
Hi all,I know that we need to get the definitive answer for this question from the SN rep as with all licensing issues. But does anyone have any personal experience as to whether users need to pay for the ability to approve just vulnerability excepti...
Custom Integrations for Qualys Assets
Hello and happy Holidays coming! I am wondering if there are any Qualys users of SecOps out there that might have supplemented the integrations with something that brings over more Asset-related details, including metadata, from the AssetView and/or...
Rest API - how do i retrieve all Vulnerable Items under a remediation task?
Hi, I am having trouble fetching the complete list of Vulnerable Items under a remediation task (aka vulnerability group)?Any help would be appreciatedThanks
What happens to Vulnerable Items without detection
We have recently upgraded from 'Tenable-built' VR integration to the 'ServiceNow-built' Vulnerability Response Integration with Tenable. The latter (ServiceNow-built app) is now using detections but the former (Tenable-built app) is not using it. My ...
Issue with setting default Vulnerability Scanner in VR
Hi all, I am implementing ServiceNow VR and SIR, and in order to submit a vulnerability scan request from SIR I need to have one of my vulnerability scanners set as default. I go to Vulnerability Response > scanners, and I try to set the default valu...
Error in the Microsoft Defender integration with ServiceNow during capability execution
Facing error while getting Machine ID in the Microsoft Defender integration with ServiceNow during the capability execution. The integration is made successfully between MS Defender and ServiceNow. But executing the Capabilities like "Get Host Detail...
Configurable options for Major security incident management
Hi there, I'm currently evaluating MSI and have the following questions: 1. Is it possible to add custom states to Major Security Incident Task [sn_msi_task]? I've tried adding a new state; however, it seems like the Tasks board in MSI workspac...
Resolved! Vancouver upgrade --- set assigned to/assignment group
When a user has a security incident response task, and they update the assigned to/assignment group fields, the form saves but the assigned to and assignment group field are blank and the red mandatory asterisk is visible on the screen. However, the ...
Filtering vulnerable item based on assigned to or assignment group
User has sn_vul.read_all role. When the user accesses the sn_vul_vulnerable_item table, all vulnerabilities can be viewed (including those assigned to others). The requirement is to display only those vulnerable items that are assigned to users or gr...
Zscaler + ServiceNow integration. No way to track who initiated the request
Hi, I was configuring the servicenow integration with zscaler using ootb store app. I was able to successfully setup the integration. The query i have is that I don't see anyway to track who requested the url blocking or removal. No fields on zscal...
Allowing Remediation Owner users to create their own custom VUL Remediation Tasks
Hey everybody.We are investigating the best way to allow a user with the Remediation Owner role to be able to create a custom Remediation Task without just opening everything up and giving everybody the write_all role. Based on the ACLs and UI Butto...
Security Incident Closing - review response task - new status
Hi All,I created a new response task status called "Not Applicable" that has to take in consideration when closing the related security incident.Actually, You can close a security incident only when all response tasks are completed but i want to clo...
Vulnerable Item State Approval workflow not working correct
Hello everyone,I have a requirement , to change the workflow of Vulnerable Item State Approval , when 1st approval is rejected , move to the next one and when approved just mark it as approved. I have inserted the logic and the scripts to populate th...
Resolved! Disable/Hide the "Application Vulnerability Response" module in the navigator?
I have done many Vulnerability Response implementations for clients and majority of them do not use the Application Vulnerability Response module. I have attempted to "hide" this module within the Application Navigator by setting the Application Menu...
