We are preparing to implement Configuration Compliance (CC) and an integration with Prisma Cloud. We have successfully integrated CC with Qualys. We would like to talk with those that have successfully completed the Prisma Cloud integration with CC...
Another week, another mindmap Recently, I shared a mind map designed to simplify the large list of tables in the Threat Intelligence documents. This time, I've made a mind map that distills the functionalities of the application into (hopefully) int...
Below you'll find a mindmap I've made, breaking down all of the many tables that come along with the ServieNow Threat Intelligence offering. My hope is that this provides value to ServiceNow developers and implementers new to the Security Operations ...
Hello, How can I filter out vulnerabilities for non-running kernels in my data import from Qualys? Is there an attribute on the VIT, or do I have to not import them into ServiceNow at all?
Hi, any Qualys experts out here who can help explain potentially why the plugin upgrade to version 12.10.1 would cause custom fields to disappear? My understanding was that upgrades will not overwrite custom work like additional fields. (But maybe a ...
Hi, Has anyone added the SIR Workspace to the Unified Search who can help me out?I followed the guide here - https://docs.servicenow.com/bundle/vancouver-platform-administration/page/administer/search-administration/task/add-app-search-context-polar...
Hi SecOps community, We are exploring the Security Incident Response module in our DEV environment, we are looking to track phishing emails and vulnerabilities for patching. It seems like tracking vulnerabilities is part of the Vulnerability Response...
All, As the year winds down, I found that I had a bit of time and thought that a Whitepaper on Classification Rules would be a good use of my time. See attached -Chris
Hello ServiceNow experts, I'm seeking insights into the integration capabilities of the Configuration Compliance Authoritative Source module. Specifically, I'm interested in understanding if it offers any integrations that automatically bring in conf...
Hello, I am working on a playbook in the flow designer. I am creating a SIT task for the playbook, however it does not let me set the Description of the task, only the Short Description. see example screenshot.This causes the description of the task ...
Hello Team, I need to integrate Splunk to ServiceNow incident ( ITSM) This integration should pull Splunk for certain alerts, to generate ITSM Incidents.This should handle automatically creating ITSM Incident based on alerts firing in Splunk. Pleas...
I have a requirement to add a UI Action (UX Form Action) that will display when viewing the Security Incident form and also another action on Security Request form (list has been added) in the Security Incident Response Workspace. Attempts to add eve...
I administer SIR and VR. To update the SIR app to a new version, sometimes there are dependent apps that also need updated, i.e. Security Support Common. Security Support Common (SSC) is also used by VR and according to the Compatibility Matrix KB (l...
Hi All, Can anyone explain how the Risk Score on Third-Party Vulnerability Entry (sn_vul_third_party_entry) or Vulnerability Entry (sn_vul_entry)is calculated? In my case, I have a tenable plugin with ID TEN-35291, and the risk score for this Vulnera...
Hi All, Can anyone explain how the Risk Score on Third-Party Vulnerability Entry (sn_vul_third_party_entry) or Vulnerability Entry (sn_vul_entry) is calculated? In my case, I have a tenable plugin with ID TEN-35291, and the risk score for this Vulner...
