SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Help with servicenow sign-in and audit-logs collection for IDTR use cases (detection and response)

Hello ServiceNow Community,Context – Security and Identity Threat DetectionI’m building a comprehensive Identity Threat Detection and Response (ITDR) process using ServiceNow’s core logs: sys_audit, sysevent, and syslog_transaction. The goal is to de...

Resolved! Remediation target rule with pause condition?

We are trying to use remediation target rules as a replacement for SLA's as we cannot use SLA's for Vulnerable item (sn_vul_vulnerable_item) records. Unfortunately these rules do not have a pause condition out of box as of Kingston patch 6 and this h...

find_real_file.png

Duplication Rule SecOps level

Hi everyone,I’ve been assigned a task to investigate what Duplication Rules entail within the Security Operations (SecOps) module. Could someone please provide more insight into how Duplication Rules work in this context?Is there any official trainin...

AndreeaI by Tera Contributor
  • 391 Views
  • 1 replies
  • 0 helpfuls

Resolved! In VR: When would you use SLAs rather than Remediation Targets

Hello, We have the API integration with Rapid 7's InsightVM and are ready to set timelines on vulnerability remediation. We have  4-5 tiers for remediation timelines and I'm trying to determine if we should use SLAs or Remediation Targets. It seems l...

LeslieC by Tera Expert
  • 2233 Views
  • 6 replies
  • 9 helpfuls

Resolved! NVD integration error started +/- 24th July 2025

Hello.I saw NVD got maintenance windows somewhere about 24th July 2025.Now the integrations stopped to work. Error: Invalid response code received from NVD: Not Found 404 The URL is incorrect Any one contacted NVD or fixed this issue ?We tried to use...

DonDom_0-1753696486731.png
Don Dom by Tera Contributor
  • 1409 Views
  • 9 replies
  • 4 helpfuls

Autoclose Vulnerable items on Retired CIs

We just upgraded to VR version 15, where autoclose retired CIs is a checkbox, which we have checked. However, we changed some CIs to retired state and their vulnerable items have not closed after multiple days. Is there somewhere in VR we can look to...

AndrewP by Kilo Expert
  • 1848 Views
  • 9 replies
  • 2 helpfuls