Wondering how other folks out there are using the details from Qualys to import and utilize Information Gathered QIDs, and how you might use those to highlight if the last vulnerability scan properly authenticated (or not) to set expectations of how ...
I configured QualysHostDetectionIntegration to import QDS (Qulays Detection Score) and populate the custom QDS field on the Detections and VITs tables. Now I'd like to use the QDS value to calculate the Risk Score.I can think of these two ways to ach...
Hi all, Does anyone know what sets the short description of remediation tasks? We noticed some remediation tasks descriptions were missing vulnerability information and not sure why this may be occurring.
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. After the great feedback from the VR Performance and CI Matching calls earlier this month, I am pleased to share with you to the next installment....
Hello, Can someone please help provide information on these:For Tenable integration with Vulnerability Response management, the detection key config needs to be updated to include 'proof' along with port, protocol and asset_id. Is it something to be ...
I recently setup a Rapid7 InsightVM integration with ServiceNow VR and am beginning to populate the Asset List information. I ran the integration, and it completed successfully but I do not see any new Discovered Items created from the integration ru...
I created a few SLAs for Security Incident Response. The SLAs appear to start, as they activate the SLA workflow. However, the "Business time left", "Business elapsed time", and "Business elapsed percentage" always seem to be 0 on every SIR. Any i...
Dear Team, I am trying to create a security incident when phishing email arrives. I went through few docs, that says- Security incident was created automatically, when a record was created in 'Security Incident phishing email' table based on these fl...
I am trying to add some Security Incident Enrichment data to a Security Incident related list (coming from a third party integration REST call). In doing so, I found a set of Enrichment tables extending "Enrichment Data Base." In particular, I have ...
Hi all, I am unable to pull SC Queries from my Tenable.SC environment into my ServiceNow Tenable Connector. I have tried the following: Ensuring I have the Security Manager role in Tenable.SCEnsuring I have the proper roles in ServiceNow to config...
Hi All, We are enabled virusTotal (Security Operations VirusTotal Integration) plugin but not seeing proper data, Is there any additional API details required to configure virusTotal with servicenow. Kindly suggest. Thank you.
Hi All, Can any one help me on the difference between SIR Pro and SIR Standard?How is the unit of license work (UU)? Thanks in Advance!
Out-of-box there is a Vulnerability Response configuration to consolidate (or not) multiple detections of a vulnerability on the same device based on different ports. In other words, if the same CVE is detected on a device on multiple ports it can be...
I have a dev instance setup and I can connect to it from multiple different hosts in our network, except the one I am doing development on. $ openssl s_client -connect dev########.service-now.com:443 --stateCONNECTED(00000003)SSL_connect:before SSL ...
Thanks in advance to anybody that can clarify what I thought I knew versus what I am finding because a few dashboard widget reports are giving me grossly different results. This may sound like a total newbie situation, but .... I have three reports ...
