SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! Reapply CI lookup rule not changing to a found CI

I seem to have found an issue that maybe someone can help me with. Prior to this release (16.1.1) if I had an unmatched discovered item which created a ci in either the custom tenable or Qualys tables, changing the CI lookup rule and then reapplying ...

Resolved! Export all admin activity (syslog) to external server

Our Infosec team has required that all admin activity that occurs in ServiceNow needs to be exported to an external syslog server. From initial review, it looked like the SecOps module included SIEM integrations. However, it appears that integration ...

Brad59 by Giga Guru
  • 1117 Views
  • 4 replies
  • 1 helpfuls

ServiceNow Syslog Probe

Good Afternoon All,Our Security team have asked us a question about the Syslog probe (quoted below), we have reviewed the ServiceNow docs but they don't seem to specifically relate to their exact need. (We have Vulnerability Response module but not S...

Resolved! Code for adding multiple user emails in the event queue

Hello All, We have an Event which triggers a notification on Security Incident response.I am looking for code of adding Users email address to event so that the notification can be sent to email address of users in Affected user related list.Table : ...

Auto-populate the SNOW MITRE ATT&CK Card

Hi, my organization recently switched on MITRE ATT&CK framework for Security Incident response (SIR). We have an integration with a SIEM (Devo) which generates SIR tickets in ServiceNow; the ticket in SNOW contains MITRE TTP data in a Description fie...

Barry11 by Kilo Contributor
  • 694 Views
  • 1 replies
  • 0 helpfuls

Resolved! send notification to users in related list

Hello All, We have a requirement where in notifications should go to all the affected users in the related list not just one in the Affected user field on the form.Whats happening right now is the notification is only being sent to the person in affe...

IceIronDragon_0-1669132917546.png IceIronDragon_1-1669132955271.png

Resolved! Does ServiceNow encrypt all our data at rest?

We're going through a security audit and this question was posed to us...."Does ServiceNow encrypt all our data at rest?"   Is this something done by ServiceNow or do we need to arrange for this?   

Gary Winslow by Mega Contributor
  • 11641 Views
  • 8 replies
  • 7 helpfuls

Vulnerabilities database import

Hello, We are working on an SecOps Vulnerability Response opportunity where customers is looking for to import vulnerability entries from following sources: What is the best way to do it?  Thx, Marco

find_real_file.png
Marco26 by Kilo Contributor
  • 1431 Views
  • 11 replies
  • 2 helpfuls