We have recently upgraded from 'Tenable-built' VR integration to the 'ServiceNow-built' Vulnerability Response Integration with Tenable. The latter (ServiceNow-built app) is now using detections but the former (Tenable-built app) is not using it. My ...
Hi all, I am implementing ServiceNow VR and SIR, and in order to submit a vulnerability scan request from SIR I need to have one of my vulnerability scanners set as default. I go to Vulnerability Response > scanners, and I try to set the default valu...
Facing error while getting Machine ID in the Microsoft Defender integration with ServiceNow during the capability execution. The integration is made successfully between MS Defender and ServiceNow. But executing the Capabilities like "Get Host Detail...
Hi there, I'm currently evaluating MSI and have the following questions: 1. Is it possible to add custom states to Major Security Incident Task [sn_msi_task]? I've tried adding a new state; however, it seems like the Tasks board in MSI workspac...
When a user has a security incident response task, and they update the assigned to/assignment group fields, the form saves but the assigned to and assignment group field are blank and the red mandatory asterisk is visible on the screen. However, the ...
User has sn_vul.read_all role. When the user accesses the sn_vul_vulnerable_item table, all vulnerabilities can be viewed (including those assigned to others). The requirement is to display only those vulnerable items that are assigned to users or gr...
Hi, I was configuring the servicenow integration with zscaler using ootb store app. I was able to successfully setup the integration. The query i have is that I don't see anyway to track who requested the url blocking or removal. No fields on zscal...
Hey everybody.We are investigating the best way to allow a user with the Remediation Owner role to be able to create a custom Remediation Task without just opening everything up and giving everybody the write_all role. Based on the ACLs and UI Butto...
Hi All,I created a new response task status called "Not Applicable" that has to take in consideration when closing the related security incident.Actually, You can close a security incident only when all response tasks are completed but i want to clo...
Hello everyone,I have a requirement , to change the workflow of Vulnerable Item State Approval , when 1st approval is rejected , move to the next one and when approved just mark it as approved. I have inserted the logic and the scripts to populate th...
I have done many Vulnerability Response implementations for clients and majority of them do not use the Application Vulnerability Response module. I have attempted to "hide" this module within the Application Navigator by setting the Application Menu...
One of our business partners is looking for a particular ServiceNow use case: I’m looking to assess the need/interest level of existing ServiceNow customers in ongoing Identity access certification automation. Backdrop: Once workflows are provisioned...
There is a requirement - if user want to change the state of Vulnerable item (in sn_vul_vulnerable_item table) from In review to Awating Implementation, it should ask for approval from the support group of the asset. HIf any member of the support gro...
I want to know the whole process how to integrate servicenow with microsoft defender step by step if anyone works on it please let me know
