Whenever related list adding in the security incident form are not displaying at bottom of the form.Example: Security incident form before adding related list (IT Incident and Incident->Parent) Adding related list: Configure>>related list Added relat...
Dear All, When we push the offense from QRadar to ServiceNow "Severity" and "Priority" fields are auto-populated. I would like to know how is it done within QRadar including logic for systemic process & manual and then followed by what happens on Ser...
I am unable to populate Vulnerability score (v3) within vulnerability response > vulnerabilities > vulnerable items. Troubleshooting steps: I went to Qualys KB integration, set the ‘delta start date’ to 1-1-1990 and ran the import again. This step s...
Dear All, I am getting the below error whenever the REST API call initiated from ServiceNow to MidServer to get the multiple destination ip from QRadar Offense. [ERROR CODE: 404 ] Method failed: (/api/ariel/searches/undefined/results) with code: 404 ...
Hello, My client has already implemented SN-GRC and now they are interested in SecOps. However, they would want to see the advantages/benefits of having SecOps. Moreover, they would want to understand the scope of SecOps and what would be the benefit...
This is the first time i am using Vulnerability response, so when the tenable scan ran this morning there was no third-party vulnerability entries the got created which means there was no vulnerability groups that got created which means there was no...
Hi, When security incident is created through ITSM incident through a UI action "Create Security Incident", I want to copy some more fields from ITSM incident to the Security incident. For this, can I directly add the code to the out of box script i...
Hi guys, Not sure if I've chosen the correct topic so apologies if not. The IT security team at my company have asked what Service Now has in place to prevent SQL Injection attacks. I've had a look on Google and could not find anything specific. Do a...
i'm having an issue with importing data from Qualys into ServiceNow. Multiple assets are not showing up in the Security Operations CMDB, nor as Vulnerable Items. I have given my ServiceNow API user access to read the "All" asset group, and most asset...
Hi All, We are in need of integrating the DLP DB with ServiceNow to perform the DLP operation in ServiceNow Itself. Ticket handling also will have to do it in the ServiceNow. According to my plan. I have to create new application for DLP through st...
Hi ServiceNow Folks, Greetings. I am new to SecOps world and would like to start my Journey in SecOps. My first assignment is to implement SecOps Security incident response in my organisation i am basically from ITOM world with not so much strong b...
Morning! I know that this is probably more of a Splunk side configuration issue, so I have posted to their forum as well, but i wanted to see if anyone has any experience with this setup. I am getting an error when trying to set up the Splunk add o...
Hi All, I have a requirement on Security Incident Response as below. When a ticket is created in Secure Works then a Security Incident Response ticket in ServiceNow. Can anyone please help me with the Integration process. - Sai.
The tenable scan is running and bringing in new CI, when the CI come in the IP address is automatically setting itself to the name where we want the domain name to set itself to the name. How do i switch this?
Hello. I've integrated SN and Rapid 7 successfully, but I'm trying find out how perform repadiation process properly. When I'm closing Vulnerable Item or Vulnerable group I have two option for closure: Wait for confirmation from next scan Close vulne...
