How do I ensure that Outdated Libraries are not used? For TinyMC the library TinyMCE version 4.4.3 was being used and has known security issues. The newest version is 5.2.2 (30.04.2020). For Jquery the library jQuery version 2.2.3-snc was being used ...
Hi Champs, I am trying to make a connection to splunk to update the notable event, but getting 400 error. Kindly suggest. Error screenshot below:
Hi, I would like to know the vulnerability detection process. When we integrate with third party applications like Qualys. We will receive data in detection table and from there VIT's will be created. So I would like to know1) how the detections are ...
I've built a TAXII profile but the discovery server requires a username and password of guest/guest. I'm not sure how to build the REST message to send that. When I test connecting to the TAXII server manually with the username and password using Cab...
In the DLP documentationhttps://docs.servicenow.com/bundle/utah-security-management/page/product/dlp-microsoft/reference/getting-started-microsoft-integration.html Under the heading 'Required API Permissions/Roles on a Microsoft Azure application' it...
Hi, I have questions regarding the false positive vulnerabilities. Please see below1) Does false positive vulnerabilities reopened from source scanners (Qualys, Rapid7)? 2) Once vulnerabilities are marked as false positive what are the options to reo...
From what I understand: Vulnerabilities which are deferred using an exception rule, if they close and then open whilst deferred no longer retain the deferred status and move to open. I believe from reading the forums this is as designed and there is ...
Checking to see if there is an architecture diagram for Security Operations that shows all applications for Security Incident Response, VR, Threat Management, Configuration Compliance and Trusted Security Circles.
Hello,We recently moved to use the Security Incident response module, and wanted to know if there is a way to edit the list of closure codes, specifically remove or hide some from the list. I have included a screenshot of the list of closure codes th...
I am trying to change the fields that are display in the details tab of a Security Incident (SIR record). The current fields in the details tab display values for: Priority Risk score State in that order. I am being asked by the Security Agents to c...
Hello SecOps Community, The ServiceNow VR team has run a very tight schedule of "VR success recommended practices" webinars in Q1. The feedback from participants has been very strongly positive and the majority asked for more. So, please find bel...
Hello,I've encountered the issue with the IT Remediation Workspace in my Customer DEV instance - UI Button "Create Change" is missing, though the roles are assigned properly.I can see the button on Remediation Task form, but on IT Remediation Workspa...
I wanted to drop a quick note on what not to do.... and what to do... A customer's imports were failing, and it was getting the error:"File size X MB exceeded the max size allowed...."I found KB0564441 in Support.servicenow.com:https://support.servic...
I can see risk score calculated for vulnerable items through risk calculator but how it is calculated for vul groups? There is no calculator for vul groups. Does it consider the risk scores for all associated Vul items? And how is the priority is set...
Hi, I am new to SIR and playbooks can you guys guide how can I create a playbook for Security incident response (phishing category) As mentioned below Security incident workspace there is any an option to add playbook how can i add playbook for that ...
