SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! SLAs for Security Incident Response Elapsed Time is 0

I created a few SLAs for Security Incident Response.  The SLAs appear to start, as they activate the SLA workflow.  However, the "Business time left", "Business elapsed time", and "Business elapsed percentage" always seem to be 0 on every SIR.  Any i...

rcarmack1 by Kilo Guru
  • 1752 Views
  • 7 replies
  • 1 helpfuls

Tenable.SC Connector Unable to Pull SC Queries (Tenable Version)

Hi all, I am unable to pull SC Queries from my Tenable.SC environment into my ServiceNow Tenable Connector.    I have tried the following: Ensuring I have the Security Manager role in Tenable.SCEnsuring I have the proper roles in ServiceNow to config...

Zach40 by Tera Contributor
  • 2560 Views
  • 16 replies
  • 2 helpfuls

How to integrate VirusTotal with ServiceNow.

Hi All, We are enabled virusTotal (Security Operations VirusTotal Integration) plugin but not seeing proper data, Is there any additional API details required to configure virusTotal with servicenow. Kindly suggest. Thank you.

Resolved! Separating multiple detections out of VI without Port

Out-of-box there is a Vulnerability Response configuration to consolidate (or not) multiple detections of a vulnerability on the same device based on different ports. In other words, if the same CVE is detected on a device on multiple ports it can be...

Resolved! One host can't connect to the dev instance

I have a dev instance setup and I can connect to it from multiple different hosts in our network, except the one I am doing development on.  $ openssl s_client -connect dev########.service-now.com:443 --stateCONNECTED(00000003)SSL_connect:before SSL ...

eolmstead by Giga Expert
  • 1472 Views
  • 8 replies
  • 0 helpfuls

Vulnerability Response ACTIVE definition

Thanks in advance to anybody that can clarify what I thought I knew versus what I am finding because a few dashboard widget reports are giving me grossly different results.  This may sound like a total newbie situation, but .... I have three reports ...

Joe Kline by Kilo Guru
  • 861 Views
  • 2 replies
  • 1 helpfuls

Resolved! Security Operations workspace - Close Security Incident

Hello, When using the Security Operations workspace, we have the hability to go through the stages of the incident: However, when trying to close the SI, I am getting an error:And it returns back to "Review" state. I think the problem is not having t...

PedroSilva4_1-1669294413008.png PedroSilva4_2-1669294457679.png

Resolved! Reapply CI lookup rule not changing to a found CI

I seem to have found an issue that maybe someone can help me with. Prior to this release (16.1.1) if I had an unmatched discovered item which created a ci in either the custom tenable or Qualys tables, changing the CI lookup rule and then reapplying ...