Resolved! Remove Change type "Emergency" from create change in Test result group in CC.
How to remove change type "Emergency" from create change in Test result group in CC.only change type "Normal & Standard" should be visible.
Forum Posts
Resolved! Rule-based remediation tasks, splitting and new VITs - choosing the right task?
Good morning, I'm trying to figure out a scenario that involves remediation task (grouping) rules, manual splitting and updates when new VITs come in. A remediation team member reported that he split one of his (rule-generated) remediation tasks to...
Resolved! How to manually create an AVIT in Penetration Test flow?
Is there a way to manually create an AVIT in Application Vulnerability Response? Our Pen testers are looking for a way to manually create an AVIT without a Penetration Assessment Request. I don't see that functionality, any suggestions?
Resolved! Penetration test findings
Hi , how do we get Pen test findings for Application Vulnerability Items
Resolved! How to delete a ServiceNow Vulnerability Response VCA that has no VIT or VUL attached?
We recently added the Vulnerability Response module to our ServiceNow instance at our company. During our early days of figuring out how to properly create VULs to group similar VITs, we now have 3 VCAs with no VIT or VUL included. How do we delete...
Resolved! maturity level of Vulnerability Response
Hi, kindly guide how to check the the Maturity level of *Vulnerability Response* for one our clients.
ACL write Access only for particular field?
I have created a custom checkbox in test table and also added ACL for that field but only the sn_vulc_write role access to it but still i was not able to edit the checkbox i was getting security constraint error message, Then I have edited table leve...
Resolved! Sanitizing non HTML field
We are trying to sanitze feedback from web page, that is comming into a Comment field (string). The documentation mentiones the html_sanitize attribute can be used on all fields to fix that, however still after activating the attribute in dictionary,...
Can anyone provide me some important questions on Secoops(SIR)?
Interview Questions on SIR ?
Resolved! I want to delete a record of Discovered Item
The linked CI from a third party scanner (Tenable.io) is imported into the "Discovered Item", but I would like to know how to remove it.The state of the record is "unmatched".The reason is that there is a request from the customer to delete the CI th...
Application Vulnerability - OWASP Top 10 Category
We have a requirement to correlate identified vulnerability with the OWASP Top category. For e.g. While manually creating vulnerability ( pen test) when a specific CWE is selected, if the selected CWE is mapped to one of OWASP Top 10 then the OWASP c...
Resolved! Tenable.io - rescan VIs
I'm trying to set up and test the manual rescan for a single VI using the Tenable.io integration with SNow. I have updated the SN w/ Tenable plugin to version 3.0.5 and activated the scheduled integration. When I open the setup assistant for VR I see...
Resolved! Vulnerable Item Age information on database view
Hi There I'm not able to view Age data in OOTB Database View - sn_vul_impacted_services ( which is a View connecting Vis to the services that have been impacted by the vulnerability ) I am able to see the age for the VIT but the same age value is not...
KEV's in Service-Now?
Hey experts, Is anyone bringing in or ingesting KEV's(Known Exploited Vulnerability) in their Service-Now? We have been tasked to bring this data in so we know which Vulnerabilities have a KEV attached to them. This is the website where they all res...
Resolved! In Vulnerability Response, how do you handle non-persistent VDI's?
We have a large number of non-persistent VDI's. This is causing our Discovered Items matching percentage to suffer, what is the Service-Now best approach in handling non-persistent VDI's?Additional notes on how VDI's work:In VDI, a hypervisor segment...