We have recently upgraded from 'Tenable-built' VR integration to the 'ServiceNow-built' Vulnerability Response Integration with Tenable. The latter (ServiceNow-built app) is now using detections but the former (Tenable-built app) is not using it. My ...
Facing error while getting Machine ID in the Microsoft Defender integration with ServiceNow during the capability execution. The integration is made successfully between MS Defender and ServiceNow. But executing the Capabilities like "Get Host Detail...
Hi there, I'm currently evaluating MSI and have the following questions: 1. Is it possible to add custom states to Major Security Incident Task [sn_msi_task]? I've tried adding a new state; however, it seems like the Tasks board in MSI workspac...
When a user has a security incident response task, and they update the assigned to/assignment group fields, the form saves but the assigned to and assignment group field are blank and the red mandatory asterisk is visible on the screen. However, the ...
User has sn_vul.read_all role. When the user accesses the sn_vul_vulnerable_item table, all vulnerabilities can be viewed (including those assigned to others). The requirement is to display only those vulnerable items that are assigned to users or gr...
Hey everybody.We are investigating the best way to allow a user with the Remediation Owner role to be able to create a custom Remediation Task without just opening everything up and giving everybody the write_all role. Based on the ACLs and UI Butto...
I have done many Vulnerability Response implementations for clients and majority of them do not use the Application Vulnerability Response module. I have attempted to "hide" this module within the Application Navigator by setting the Application Menu...
One of our business partners is looking for a particular ServiceNow use case: I’m looking to assess the need/interest level of existing ServiceNow customers in ongoing Identity access certification automation. Backdrop: Once workflows are provisioned...
There is a requirement - if user want to change the state of Vulnerable item (in sn_vul_vulnerable_item table) from In review to Awating Implementation, it should ask for approval from the support group of the asset. HIf any member of the support gro...
Has anyone had the issue of the Tenable.sc Open Vulnerabilities Integration not loading open vulnerabilities? I've integrated to our Tenable dev instance and all the other jobs have loaded. For testing purposes, I enabled the fixed vulnerability job ...
Hello, a client has several VIs that have been reopened by the VR System after being Closed so I'd just like to ask about the following scenario that occurred: VI is Deferred by a userVI is Closed (Substate is Fixed) by VR SystemDetection Last Found ...
Hi All,In our environment at below cases , the VR system changing the state of the VITs automatically:1. When the VITs are moved from deferred to open state it's getting reopened by the VR system user instead of the scanner , before the inbound to op...
We are using Record producer to generate security incident tickets. when the SIR generated the error msg show: "Read Operation on column task.short_description from scope Global was denied because the source could not be found. Please contact applic...
Hello, I understand that if a CI is duplicated in the CMDB when the CI Lookup Rules find a match they will pair with the most recently created CI. I was wondering if it was possible for it to pair with the actual CI the lookup rules identified (even ...
Hi, When should I need to install MID Server during VR Tenable integration? What do they mean by the "same environment"? I'm not sure about that. Tenable.sc is an on-premises integration that gives you the option to use a MID Server if the Tenable.sc...