SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! How to manually create an AVIT in Penetration Test flow?

Is there a way to manually create an AVIT in Application Vulnerability Response? Our Pen testers are looking for a way to manually create an AVIT without a Penetration Assessment Request. I don't see that functionality, any suggestions?

Rachel3 by Tera Contributor
  • 1038 Views
  • 2 replies
  • 3 helpfuls

ACL write Access only for particular field?

I have created a custom checkbox in test table and also added ACL for that field but only the sn_vulc_write role access to it but still i was not able to edit the checkbox i was getting security constraint error message, Then I have edited table leve...

Resolved! Sanitizing non HTML field

We are trying to sanitze feedback from web page, that is comming into a Comment field (string). The documentation mentiones the html_sanitize attribute can be used on all fields to fix that, however still after activating the attribute in dictionary,...

PavelP by Mega Sage
  • 1789 Views
  • 6 replies
  • 1 helpfuls

Resolved! SNow-Splunk ES integration

Hi all, I'm trying to integrate Splunk ES with Servicenow. The objective is to let Splunk ES open SIR on SNow and, when the SIR is closed, let it know to Splunk ES. I'm basically following this guide: https://docs.servicenow.com/bundle/orlando-securi...

Paolo6 by Kilo Expert
  • 3247 Views
  • 9 replies
  • 2 helpfuls

Resolved! I want to delete a record of Discovered Item

The linked CI from a third party scanner (Tenable.io) is imported into the "Discovered Item", but I would like to know how to remove it.The state of the record is "unmatched".The reason is that there is a request from the customer to delete the CI th...

nagaryu by Tera Contributor
  • 1912 Views
  • 4 replies
  • 2 helpfuls

Application Vulnerability - OWASP Top 10 Category

We have a requirement to correlate identified vulnerability with the OWASP Top category. For e.g. While manually creating vulnerability ( pen test) when a specific CWE is selected, if the selected CWE is mapped to one of OWASP Top 10 then the OWASP c...

Chetan21 by Tera Contributor
  • 1271 Views
  • 1 replies
  • 0 helpfuls

Resolved! Database view of vulnerable items

Hey everyone, I have a question about the database view. I need to use the DB view to: All the VIs, incl. the manually created onesAll the Detections paired with the VIs (manually created VIs should have the detection fields empty) But when I try to ...

Patrik Z by Giga Guru
  • 1146 Views
  • 4 replies
  • 2 helpfuls

Resolved! Tenable.io - rescan VIs

I'm trying to set up and test the manual rescan for a single VI using the Tenable.io integration with SNow. I have updated the SN w/ Tenable plugin to version 3.0.5 and activated the scheduled integration. When I open the setup assistant for VR I see...

find_real_file.png find_real_file.png find_real_file.png find_real_file.png
Patrik Z by Giga Guru
  • 3530 Views
  • 10 replies
  • 0 helpfuls

Resolved! Vulnerability age?

Hi community,   Quick question. Which field shows me the Vulnerability age? All I have found in Vulnerable item there is a field called "Age". Is that the correct field for Vulnerability age?

kris29 by Tera Contributor
  • 719 Views
  • 1 replies
  • 1 helpfuls

Resolved! Vulnerable Item Age information on database view

Hi There I'm not able to view Age data in OOTB Database View - sn_vul_impacted_services ( which is a View connecting Vis to the services that have been impacted by the vulnerability ) I am able to see the age for the VIT but the same age value is not...

find_real_file.png find_real_file.png find_real_file.png

KEV's in Service-Now?

Hey experts, Is anyone bringing in or ingesting KEV's(Known Exploited Vulnerability) in their Service-Now? We have been tasked to bring this data in so we know which Vulnerabilities have a KEV attached to them.  This is the website where they all res...