Hi, I am planning to integrate Security Operations with Zscaler Internet Access. In Servicenow docs it is mentioned that it requires Zscaler admin credentials (username and password) for authentication and Zscaler team is not ready to provide admin c...
How do the roles actually work? I want to use the roles on the security incident form (Read access, Watch list, Privileged access, Work notes list) but only on a case by case basis. Do I need to add anyone that might involved in an incident to the ...
Hello All, I have the secure notes added to form layout and as well as notes configuration but still not able to see secure notes on the form of SIR
Hi All,I have a requirement like ServiceNow VR should only ingest devices which are tagged under 'SecOps' tag in Qualys .what all need to be done in order to do this how to do these if anyone has pointers on this please do share. Thanks in advance.
Hi, we are integrating Zscaler with ServiceNow, what are the Access, Roles required from Zscaler team to get started with the integration. i mean if anything beyond access and roles is required?
Hi, I have few vulnerabilities where VIT is closed but remediation status is still showing In-flight, isnt it suppose to be either target missed or target met?
Hi All, We have a requirement where we need to reapply vulnerability assignment group rules since cmdb records are changing continuously. I noticed that if we activate OOTB scheduled job "Reapply all vulnerability assignment rules" (in inactive stat...
Is there an easier way to see which CI's have not been assessed by our third party scanner? Scan coverage is great in theory, but it does nothing to help you identify the actual CI's that have not been scanned. Looking to identify the CI's that make ...
Hello Team I am working in ITSM and ITOM Module , but also interested to learn GRC or Secops Please suggest me which one should I learn , keeping he point in mind that we have ample job opportunity post doing this one of the course.
Hi All, So I'm getting Security Operations setup and running into an issue with threat intelligence and observable enrichment. I have our IoC getting data from various sources and I have activated the workflows for automated phishing template and use...
Hi, I would like to know if the field Password2 of Client Secret is visible to Admin role unlock the padlock beside the field. Thanks in advance Alex.
i can see Vulnerability software table is keep on updating daily however i thought it shows data after qualys integration scan. I checked existing integration however it dows not have any other integration. What can be the possible cause.
Hello All, We have a situation where in we have integrated Configuration Compliance with Qualys on OOB parameters. It works fine when we pull in present data. The job times out when historical data is being pulled. When we put start time more than a ...
For example, Playbook A is triggered, then the SIR record's Category changes, which triggers Playbook B. When this happens, I want Playbook A to stop running.
Hi , how does Event Management works with SIR module in Sec ops? end to end guidance is helpful
