Resolved! SNOW and Red Canary
I'm wondering if anyone has any information or experience with setting up Red Canary threat and vulnerability with SNOW. Any documentation, suggestions or links I can review would be a great help. Thanks
Forum Posts
Resolved! Vulnerability Closed-Ignored in Qualys
Hello, I closed-Ignored the vulnerability in Qualys manually for a reason. When i ran the Host Detection Integration that particular VIT still shows as Active - Open in Servicenow Should the Integration set it to Close state in Servicenow too? we are...
Resolved! Tenable For ITSM - Incident rules
Hi Everyone, I'm doing POC on Tenable for ITSM, I want to test this Incident Rules but I'm currently having issues with the import part as there is a large amount of data and it is always stuck. I was trying to manually execute the Incident Rules, bu...
Resolved! Change risk score when cvss score changes, is this possible using vulnerability calculator?
Hi, Does anyone know if we can Change risk score when cvss score changes on a vul item? is this possible using vulnerability calculator? I tried using calculator but it doesnt work for me. Can anyone one help on this? Do i need to do a business rule...
Resolved! Dummy Data for testing CI Lookup rules
Hello everyone, Unfortunately on current stage of project I can't integrate Qualys with dev instance. I need to prepare some 'dummy data' for testing CI Lookup Rule and getting familiar with them. Is any possibility to insert 'dummy data' into some k...
Auto Reapply Vulnerability Calculator
Hi there, is it possible to have a vulnerability calculator reapply with a scheduled job? If yes, how so? I am trying to find a way to reference the vulnerability calculator in a scheduled job but I can't find a way. According to the SN docs it seem...
Resolved! How to display the fields of the sn_vul_change_approval table on the list screen of "My Approvals".
When I open the Requested record from "Vulnerability Response> My Approvals", I see "Summary of Item being approved / Vulnerability State Change Approval" at the bottom of the form. Therefore, I would like to display the "Approval name" and "Requeste...
Resolved! File upload security
Hi, I had a customer ask me about using the file attachment function for a malicious file... they are wondering if we can get the information from the file without actually storing it. Their concern was someone opening the file and unleashing bad stu...
Resolved! How would a Splunk Phantom user look at/understand SIR/SOAR capabilities?
A large ServiceNow & Phantom customer wants to have a conversation about how the two should work together. They both have playbooks and automation capabilities. ServiceNow has the advantage of the CMDB and workflow with other teams. What else? thank ...
Resolved! How often "reapply rule" on risk calculator runs?
Is there any scheduled job configured to kick off this reapply rule on risk calculator just like on group rules? I know a job runs for every 4 hrs or every day to trigger "reapply rule" on group rules. Does anyone know about risk calculator?
How to restrict personalize_dictionary role?
Hello Community! I want to restrict the personalize_dictionary role to only create or rename tables&fields under cmdb_ci table, nowhere else.Basically what I need is to prevent "admin" access other tables but cmdb_ci and its descendants. Is there a w...
Resolved! Which tables are not included in the update set?
I have moved the Vulnerability Response update set from the development environment to the verification environment. I understand that Scheduled Jobs are not included in the update set, so I need to export and transport them as an XML file in my deve...
Resolved! Problema with MIME types attachments: filename.xlsx.p7m
Hello all. We should attach to KB articles attachment of xlsx files digitally signed (p7m), just like "example_file.xlsx.p7m". Both extension are permitted in system property "glide.attachment.extensions" and we want to mantain "glide.security.file.m...
How is the Qualys rescan function setup?
VR 14.0.6 with Qualys 12.1.1 Issue: Initiating a rescan within a VIT produces a status message of "Error code 1901. Message: Unrecognized parameters." V12.1.1 claimed to fix this error code, but it is still occurring. Any ideas?
Resolved! Fixing Detection Keys for Qualys Job settings
I have been working on an early upgrade instance where we get to Rome AND latest updates for Vulnerability Response and the Qualys Integration for Security Operations applications. Within those updates we are going from v13 VR to v15 which include t...
