Hey team! Any chance that ServiceNow is looking to integrate the Exploit Prediction Scoring System (EPSS) scoring into ServiceNow to enhance vulnerability data? https://www.first.org/epss/ What is EPSS? EPSS provides a fundamentally new capability fo...
Hi, team! Customer question: "We are using Tenable.sc as our scanner (plugin ver. 3.6.4). We are seeing some detections associated to Vulnerable Items like this:VIT0113003 We have the detections come in with much of the same information but it ...
So, I'm not sure how possible this is, but my IS teams are asking if there is any way to add description field to the list of vulnerable items in related. They want to use this to filter out things easily to split task for appropriate teams For inst...
MSIM workspace has a tab called "Collaboration" once you open a major security incident. On this tab I can not get the SharePoint library to display despite having configured it correctly. If I open the workspace in UI Building, this section has a de...
We are running two integration instances in our environment, one for Qualys Vulnerability Response and one for Qualys Configuration Compliance. Below are the jobs running for Qualys VR and Qualys CC. We started seeing duplicate VITs in our production...
In the Security Incidents application. I’m looking for a technique on how to restrict access to the records. A user who is currently login can see and edit only records that he assigned to.
What does the "Mark Deprecated" UI Action do on the Test Group (formerly Policy) form? The UI Action is present on both "Active" and "Inactive" Test Groups. Does this UI Action just deactivate the Test Group or is this another action?
Thoughts on the following configuration for incident and problem handling. The tool has been configured so that a major incident can be placed on hold Pending Problem. When you link an Incident to a Problem and set this status, the cause and fix info...
Hi,Our team is looking for an option to reopen a Security Incident which is in closed state. Currently once you close the Security incident you cant reopen or edit any fields. Basically team is looking for an option to edit fields on a security inci...
In Multi-factor Authentication (MFA), User should Download and install any one of the Authenticator Application for first time. From next login onwards they can use the Authenticator Application or request a verification to be sent via email by click...
Is it possible to customize the Security Incident New UI? Changing form fields or form layout?
Hi all ,I wanted to try task intelligence for ITSM in my PDI but the required number of incidents needed are 10k.so is there any way I can create or get some demo incidents data.Thanks,
glide.security.url.whitelist - created this system property (snapshot attached) to check its nature of operation but turned out as a fail. When logout from the admin user or a newly created user from the PDI, its not working as expected (enforces val...
Hey all-we have a working Splunk ES integration configured previously by ServiceNow implementers- but the 'source' field is currently populating to the SNow form default of 'phone', and the secops folks want it adjusted to SIEM. instead of changing ...
Hi all, We have around 62000 remediation tasks which all need to be closed. I first tried using "update all" to update their "state" values to "closed completed." However, this times out and only closes around 3000 records before timing out. So next,...