We have just recently started using SecOps, and have run into an issue. When a Security Incident Task (SIT) is created within a Security Incident (SIR), if it is only assigned to the group that does not have any SecOps roles (sn_si.*), then they do n...
I've just started working with the Vulnerability Response Module and still learning the layout and the fields into forms/records like Vulnerable Items and Remediation task. I noticed there are 2 fields available (hidden by default), The Vulnerable So...
I'm researching Subscription Unit counts to implement Agent Client Collector Visibility, and hear that SecOps also uses/consumes Subscription Units. Would like to determine how SecOps works with Subscription Units, and cannot find any info regarding...
In Vulnerability Response Application how to create different Remediation Task for an Vulnerability Items based on the different Application present in the host.
Hi All, Is there a way to integrate Servicenow with Palo Alto's panorama? What we are trying to do is that from servicenow we want to sent some IPs or URLs to Panorama API & it should create security rules so that these IPs or URLs can be blocked on ...
We are looking to refine one of our VR assignment rules to take it a step further and not just assign to an assignment group, but also the assign it to the user contained in the assigned_to field on the CI record. Can anybody help me with the script ...
By Default, the short description of Remediation task is same as Remediation Effort. Is there a possibility to change it to <Qualys ID/Vulnerabiity >: Short Description of RE - <Assignment group Name> Best Regards Viswa
I need to set up an email remainder for 5 groups for their respective Open cases. Any suggestions how to achieve this? Email remainder should have (May be in ONE Email) List of all the Open Cases at the 90 day mark List of all the open c...
Hi All, I am working on VR and Config compliance where in I am configuring the assignment rules, Group rules and Remediation target rules. Assignment rules are working fine as there is a scheduled jobs to refresh them but group rules are not getting ...
Currently, if you make unintended changes to certain settings in your instance,We want to detect that change.As a detection method, we are trying to monitor whether unintended change logs are output to the event log. For example, in the case of "noti...
Hello, the client asked for a capability to Import New Vulnerable Items by a spreadsheet. A transform map has been created for that and now the next requirement is that if the Configuration Item is not found then a new one is created under the "Uncla...
Is there a developer guide, or something similar, for developing a custom integration with the VR module? We are trying to import AWS Security Hub findings into the VR module and looking for a bit more guidance than the online docs can provide. It's ...
Hi All, We are using Qualys Integration Module in SN. One of the Integrations runs "Qualys Knowledge base (Backfill)" is failing with the following error: Encountered error running the integration. Error: Invalid XML response body received from Qual...
Hi all, I have a requirement where I created four fields Name, Department , number and email.I have given type as reference for name if user selects name other three fields should be auto populated any one has script or pointers on this to auto popul...
Hi - I am trying to figure out what the best options are when it comes to integrate Splunk with ServiceNow, including for customers that might not (yet) have the SIR module. Could you challenge me on those following options and maybe recommend what t...
