I've built a TAXII profile but the discovery server requires a username and password of guest/guest. I'm not sure how to build the REST message to send that. When I test connecting to the TAXII server manually with the username and password using Cab...
In the DLP documentationhttps://docs.servicenow.com/bundle/utah-security-management/page/product/dlp-microsoft/reference/getting-started-microsoft-integration.html Under the heading 'Required API Permissions/Roles on a Microsoft Azure application' it...
Hi,I have some unknown characters which comes through an integration, but when I am trying to copy or trying to save in other string field, it is not allowing to save it.Below is the sample of those characters.Ex.- :$)C32@: 8^@O ?k7.@; H.$)C@NGX AV<<...
Hi, I have questions regarding the false positive vulnerabilities. Please see below1) Does false positive vulnerabilities reopened from source scanners (Qualys, Rapid7)? 2) Once vulnerabilities are marked as false positive what are the options to reo...
Hello,I am looking for general guidance on what anyone has done to prioritize the integration of multiple SIEMs in an implementation (if it calls for it). This is aside from the customer stating which SIEM they want as their primary versus secondary ...
How do you deactivate a test group or policy in Configuration Compliance? Is there a certain role needed to do so? I have tried elevating to security admin or impersonating the Qualys admin role and neither works.
Hello experts,Do you have any idea why does the Security Center shows a different compliance score compared to the Instance Security Center?
From what I understand: Vulnerabilities which are deferred using an exception rule, if they close and then open whilst deferred no longer retain the deferred status and move to open. I believe from reading the forums this is as designed and there is ...
Checking to see if there is an architecture diagram for Security Operations that shows all applications for Security Incident Response, VR, Threat Management, Configuration Compliance and Trusted Security Circles.
How can the Application Vulnerability Response Penetration Test Assessment Request form be updated to add custom fields and/or edit preexisting fields?
Hello,We recently moved to use the Security Incident response module, and wanted to know if there is a way to edit the list of closure codes, specifically remove or hide some from the list. I have included a screenshot of the list of closure codes th...
I am trying to change the fields that are display in the details tab of a Security Incident (SIR record). The current fields in the details tab display values for: Priority Risk score State in that order. I am being asked by the Security Agents to c...
We are migrating from the Qualys PC Result Integration to the new "Tokyo" integrations Qualys PCRS Policy Host Integration and Qualys PCRS Test Results Integration. And would like somr help. 1) For the current integrations we setup the Server URL, ...
Hello SecOps Community, The ServiceNow VR team has run a very tight schedule of "VR success recommended practices" webinars in Q1. The feedback from participants has been very strongly positive and the majority asked for more. So, please find bel...
Hello,I've encountered the issue with the IT Remediation Workspace in my Customer DEV instance - UI Button "Create Change" is missing, though the roles are assigned properly.I can see the button on Remediation Task form, but on IT Remediation Workspa...
