Hello,Is there a suggested workflow/practice for bulk editing Container Vulnerable Items? There is a "Bulk Edit" feature for host VITs in Vulnerability Response, however I don't see one in CVR, nor do I see any documentation on the subject. We are ...
Hi, 1. On security incident record in security incident response workspace when we click on "create incident", a modal pops up. In this we want to add "assignment group" reference field with list similar to available on incident table. We found a re...
I'm running ServiceNow Vulnerability Response 26.0.11. There were recent changes to VR and now exception rules no longer create remediation task to track VITs that are deferred; but I also noticed I no longer have the option when creating the excepti...
Hi All, I'm using the Atlassian Jira integration with Vulnerability Response integration. However, I notice that I can only set 'sn_vul_app_vulnerability' or 'sn_vul_app_vulnerable_item' as my entity tables in the agile tool configuration (sn_vul_agi...
Error: OAuth flow failed. Verify the configurations and try again. Error detail:invalid_request, AADSTS90002: Tenant 'ea2bd261-c1b1-4388-b0ea-e9a7f266061d' not found. Check to make sure you have the correct tenant ID and are signing into the correct ...
Is there a way to report on MTTD (mean time to detect) for particular support groups or a canned report that visualizes this?
We use Rapid7's Active Risk score as one of the primary drivers of the normalized risk rating of third-party vulnerability entry records in VR, which then drives the risk score/rating of vulnerable items. As Active Risk is driven by threat intelligen...
Hi,We need to make closed state value visible only when current state is review in SIR workspace. We tried using onChange client script as well as Before business rule but its not reflecting in workspace. Is there any other way to configure this? Is ...
Can anyone provide me with an example of the response.json received from Sysdig on the endpoint https://<server>/api/scanning/v2/runtime/vulnerabilities?The reason I ask is that we are on-prem with both sysdig and servicenow and sysdig only offer th...
GOAL: To reevaluate and reset the Remediation Target Date for a Vulnerable Item if the Risk Rating changes due to the Source Risk Score changing. DETAILS:Qualys Integration with Vulnerability ResponseWe use QDS score from Qualys to set the Risk Score...
Hi All, I am looking for guidance and best practice on how to handle Zero day Vulnerabilities in ServiceNow for cases where CVE's are not available. Came across the below KB article which talks about creating a new table by extending OOTB Vulnerabili...
Hi,We currently use Source Risk Score from Qualys (Qualys Detection Score; QDS) to do a direct map to our Risk Score in ServiceNow. QDS combines the severity of the vulnerability with other Threat Intelligence to get that Risk Score. Quite frequent...
Hello Community, I have a Security Incident Task change notification in place which triggers on event named- "sn_si.TaskAssigned". But for some reason the notification would not trigger anytime I make a change on the SIT state, or Priority or even ch...
Hello. We have issue with OOTB - Request risk reduction for a vulnerable item.When we request:A. Request for DeferralB. Request for Risk Reduction Two "State Change Approvals" are being created for A and BWhen we do all approvals A is going in to App...
I came across a ServiceNow Product Doc that states that "CI reclassification is possible only between two classes that have identical identification rules." What does it mean to have identical identification rules? And how does reclassification happe...
