Hi All,In Vulnerability Response Module, when I am creating remediation tasks with the button "Create Remediation Task" In workspace 'created by' field is showing "SecCommon.System" and not actual user who created the remediation task. Anyone have an...
Hello, We have the API integration with Rapid 7's InsightVM and are ready to set timelines on vulnerability remediation. We have 4-5 tiers for remediation timelines and I'm trying to determine if we should use SLAs or Remediation Targets. It seems l...
Hello Everyone,I'm New to Penetration Testing in ServiceNow.I've gone through several Blogs, documents and Knowledge article but i like to know, how it works in practical.I have a Single Application "ABC Insur" it doesn't have any CI items it is a St...
Hi Team, We’re working on Application Vulnerability Response and have encountered an issue: when an AVIT is marked as Resolved or Closed by a user and later reopened either by the scanner or manually, the remediation target date does not update. Is t...
Hi Devs,How do we force the security incident response records to open in the Security Incident Response Workspace? I tried looking at the sys_navigator table and I cannot select the sn_si_incident table or the sn_si_task table.
Hi All, does anyone here have experience integrating CVR with Cortex. Specifically related to the link I have attached. Any help is greatly appreciated and thank you! https://www.paloaltonetworks.com/cortex/cloud/container-security
Hi All, I am doing a manual import of Vulnerable Items to test how it works. I have a Windows Server CI which has a FQDN, IP Address and a Hostname. When I do the manual import through the UI, the resulting vulnerable item is linked to a newly create...
Hi, We recently updated our VR plugin to 26.5.3 and I have noticed that the reapply lookup rules UI action on the discovered items table is not updating all of the VITs that it used to.We have a process for unmatched/unclassed CI's where someone goes...
In "Qualys Host List Integration" I have a requirement to exclude certain tags from Qualys for which I am using "tag_set_exclude" parameter to specify unwanted tags . As i don't want any of mentioned tags to be there in record so i changed "tag_exclu...
The requirement is to trigger the logging as soon has a role that he has elevated to log what operation he will do during its elevated period. I had found the following For a script to ensure the notification only triggers for a specific role (e.g.,...
Has anyone successfully built a custom integration between Imperva and ServiceNow before? There is currently no plugin available for integrating these 2 tools so our developer is trying to get this working using a totally custom integration, using Ph...
Hello All, We have a requirement where in we do not want certain CI record to be created in Configuration Compliance and Vulnerability Response. We are thinking to make the filteration at API level. I read and found out that we can use tag_exclude_se...
Hello! We use Tenable.IO with VR, we have both network scans and agent scans. My end goal here is to be able to see at the individual VIT record if the vulnerability was discovered by a Nessus Agent, or through the Nessus Scan (over the network). I c...
We have found the No of AVITs in Invicti and Servicenow are different. Also the status difference in both the system. In invicti the AVIT status is Fixed but in ServiceNow the AVIT status is still showing Open. Does the ServiceNow Job brings all the ...
We have several vulnerability detections from Tanium that show to be on a Windows device in Tanium that when ingested into ServiceNow, are getting matched to a Linux device. The CI lookup rule for IP Address is matching, however it would also be a m...
