Hello, I am trying to find a way to have the Observables tab/field be auto-populated with information that is imported into the Description field. As it stands, we get numerous alerts imported into SIRs with the Description field populated with a lot...
We want to group our vulnerabilities and only include confirmed vulnerabilities. Is there a way to do this? We are using Qualys as our scanner. Thanks! Eric
Does anyone know what UI Policy/Script Include/Business Rule makes all fields of the SIR read-only when the State is Closed? I'm looking for a way to allow only the sn_si.admin to change the field after the SIR is closed, due to analysts accidentall...
Hi All, All the vulnerable items and groups have been imported when I just enabled Knowledge base even before I setup group rules and assignment rules. Now I want to delete them and rerun the import. Is it fine to do that?
Hi folks, What's is security tags in Secops how it's helpful any use cases or examples Will be appreciated thank you request your help for same Regards satya
Hello Experts, Can anyone help on DDOS in ServiceNow. I am new to that but eager to know . Please guide on this 1. Is this a separate plugin 2. Does it involve additional cost or licensing 3. What is the implementation method or document on this spec...
Hi all we have a integration to sending value of a field to 3rd party application. We wanna do the encryption for that field and give the context to a user (or service account). However, the script action is running as system so system don't have ac...
Hello, Looking for advice/best practice for getting phishing emails into ServiceNow. The process right now is that a user reports a phish in Outlook and when they do that the email gets sent to ProofPoint to evaluate. We would like to get this into...
Hi All What is the correct way to export a report to a CSV or Excel file ? I am noticing discrepancies in my data if i Right click on any of the columns in the Report and do a "Export" to save it as a csv or .xls file. The data comes to be different ...
Hello, I am looking for some recommendations as in how to deal with the below issue we are facing. We are using Rapid7 DW Module . As per our configuration, Assets (CI's) in ServiceNow get decommisioned after a certain number of days but since Nexp...
Whenever related list adding in the security incident form are not displaying at bottom of the form.Example: Security incident form before adding related list (IT Incident and Incident->Parent) Adding related list: Configure>>related list Added relat...
Dear All, When we push the offense from QRadar to ServiceNow "Severity" and "Priority" fields are auto-populated. I would like to know how is it done within QRadar including logic for systemic process & manual and then followed by what happens on Ser...
I am unable to populate Vulnerability score (v3) within vulnerability response > vulnerabilities > vulnerable items. Troubleshooting steps: I went to Qualys KB integration, set the ‘delta start date’ to 1-1-1990 and ran the import again. This step s...
Dear All, I am getting the below error whenever the REST API call initiated from ServiceNow to MidServer to get the multiple destination ip from QRadar Offense. [ERROR CODE: 404 ] Method failed: (/api/ariel/searches/undefined/results) with code: 404 ...
Hello, My client has already implemented SN-GRC and now they are interested in SecOps. However, they would want to see the advantages/benefits of having SecOps. Moreover, they would want to understand the scope of SecOps and what would be the benefit...
