SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! Simple way of 1:1 mapping of QDS into Risk score?

I configured QualysHostDetectionIntegration to import QDS (Qulays Detection Score) and populate the custom QDS field on the Detections and VITs tables. Now I'd like to use the QDS value to calculate the Risk Score.I can think of these two ways to ach...

Bla_ena by Tera Contributor
  • 1383 Views
  • 2 replies
  • 3 helpfuls

Vulnerability item and detection questions

Hello, Can someone please help provide information on these:For Tenable integration with Vulnerability Response management, the detection key config needs to be updated to include 'proof' along with port, protocol and asset_id. Is it something to be ...

vijir by Mega Guru
  • 1272 Views
  • 3 replies
  • 0 helpfuls

Resolved! SLAs for Security Incident Response Elapsed Time is 0

I created a few SLAs for Security Incident Response.  The SLAs appear to start, as they activate the SLA workflow.  However, the "Business time left", "Business elapsed time", and "Business elapsed percentage" always seem to be 0 on every SIR.  Any i...

rcarmack1 by Kilo Guru
  • 1609 Views
  • 7 replies
  • 1 helpfuls

Tenable.SC Connector Unable to Pull SC Queries (Tenable Version)

Hi all, I am unable to pull SC Queries from my Tenable.SC environment into my ServiceNow Tenable Connector.    I have tried the following: Ensuring I have the Security Manager role in Tenable.SCEnsuring I have the proper roles in ServiceNow to config...

Zach40 by Tera Contributor
  • 2476 Views
  • 16 replies
  • 2 helpfuls

How to integrate VirusTotal with ServiceNow.

Hi All, We are enabled virusTotal (Security Operations VirusTotal Integration) plugin but not seeing proper data, Is there any additional API details required to configure virusTotal with servicenow. Kindly suggest. Thank you.

Resolved! Separating multiple detections out of VI without Port

Out-of-box there is a Vulnerability Response configuration to consolidate (or not) multiple detections of a vulnerability on the same device based on different ports. In other words, if the same CVE is detected on a device on multiple ports it can be...

Resolved! One host can't connect to the dev instance

I have a dev instance setup and I can connect to it from multiple different hosts in our network, except the one I am doing development on.  $ openssl s_client -connect dev########.service-now.com:443 --stateCONNECTED(00000003)SSL_connect:before SSL ...

eolmstead by Giga Expert
  • 1299 Views
  • 8 replies
  • 0 helpfuls

Vulnerability Response ACTIVE definition

Thanks in advance to anybody that can clarify what I thought I knew versus what I am finding because a few dashboard widget reports are giving me grossly different results.  This may sound like a total newbie situation, but .... I have three reports ...

Joe Kline by Kilo Guru
  • 784 Views
  • 2 replies
  • 1 helpfuls