Resolved! Why Catalog client scripts when we have traditonal client scripts?
Any specific reason behind this ? Why they have separated ?
Forum Posts
Resolved! Major Security Incident Promotion Grayed Out ?
Hello All, I am banging my head against the wall with this one. I am in the MSIM workspace. I have the sn_msi.worksapce_admin and the sn_msi.workspace_manager roles. I can propose that a security incident become a major incident. But then cannot prom...
Remediation Target on some VIT not getting populated
We are on Vulnerability Response Vulnerability Response 21.1.2. What we are seeing is that some VITs although they meet the remediation target rule condition(s) they are not getting remediation target dates populated on the VIT. The remediation ta...
Resolved! Technical Delivery/Engagement Manager Resources for SOAR
Is there a Technical Delivery/Engagement Manager whose role is to manage ServiceNow SecOps initiatives (Security Orchestration Automation and Response) and can speak about their experience and provide tips/resources I can leverage?
How to integrate Solar Winds,Rapid7,Manage Engine, MS Defender EDR this event managent tools?
Hello Team i want know about how to integrate Solar Winds,Rapid7,Manage Engine, MS Defender EDR this event management tools with servicenow, and what are pre-requisites for this, please explain step by step for this and do the needful.
New View For Different Team In SecOps Module
Hi SecOps Experts,I have query, where we need to create a separate view for different team inside SIR Module. Completely Different From Default View (Currently in use by Security Team). Need your suggestions, is it recommended/how feasible it will be...
Metric Definition for Security Incident state
Hello, I want to create a Metric Definition that calculates the state duration of a SIR from when it was opened till its state changed from 'Contain'. By now I have the following script : // variables available// current: GlideRecord - target incide...
Resolved! Give Write access for specific group and other group should readonly
Application vulnerable item [sn_vul_app_vulnerable_item] record in servicenow make readonly the remediation target and Last opened field when user doesn't have pentester role.if pentester role there for other group or group members they are able to e...
Security Integration
I want to add manually a new item in servicenow Security integration item dashboard. How can i do that in my personal servicenow instance?
Resolved! SIR Workspace Plugin
Hi all, I am trying to install the Security Incident Response Workspace plugin in my instance. I first installed all the dependent plugins, and when I proceeded to install the Security Incident Response Workspace plugin, I could not find it in the Pl...
Microsoft Defender Endpoint and Microsoft Exchange for Office plugins
Hello! I have been using the Microsoft Defender Endpoint plugin for the Security Incident Response application, I am using it to create IoC in the MDE.My question was if there is a way to change the status of the alerts that the MDE generates automat...
Tenable.sc can be integrated with Servicenow configuration compliance application
Is tenable.sc can be integrated with Servicenow configuration compliance application, if there are any custom integration doc regarding this would be helpful?
ServiceNow VR integration with Qualys, error 400
Hello ServiceNow Community! I am doing an integration of ServiceNow VR with Qualys, and encountered an issue where KB import works fine, but Host import fails with error 400 (Bad Request).We've dug through all the logs we could find, but the most des...
Resolved! "Qualys Core" plugin VS "Qualys Integration for Security Operations" plugin
Hi Everyone, Greetings, While exploring the plugins available in the ServiceNow store concerning the vulnerability response application, I came across another plugin called "Qualys Core" that appears quite similar to "Qualys Integration for Security ...
Resolved! Changes in Qualys not reflected in ServiceNow - Asset Groups and Scanner Appliances
Hello All We are receiving some errors on Rescan attempts from ServiceNow, for just some specific IPs. Error code: 999. A virtual or physical scanner appliance is needed As a result of the error message, we have mapped some specific asset groups that...
