We've updated the ServiceNow Community Code of Conduct, adding guidelines around AI usage, professionalism, and content violations. Read more

SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Resolved! Security Incident Phishing Email PHIS0010001

I have configured email ingestion and I can see it created some record called Security Incident Phishing Email PHIS0010001 I wanted to create direct Security Incident. Is there anything changed recently which caused this record creation? Also system ...

Khanna Ji by Tera Guru
  • 3157 Views
  • 7 replies
  • 5 helpfuls

Resolved! Servicenow Qualys Integration - Asset Tag

Hi There, As per the docs, Servicenow Qualys Host detection Integration retrieves host tags(Asset tag) from Qualys. We had ran the Qualys job once and I could see the field named 'Qualys host ID' gets updated in our CMDB table with the relevant data ...

Priyanka56 by Tera Expert
  • 2850 Views
  • 5 replies
  • 5 helpfuls

Jobs are stuck in ECC Queue in ready state

Hi All, As part of Splunk ES to SIR integration, some of the alerts are not getting converted into a security incident. When found in the ECC queue, we are seeing most of the jobs are stuck in ready state. Could someone help with if any schedule is g...

Resolved! Mark service accounts as internal integration users

reference the SN documentation with regards to creating service accounts here, my understanding is that this checkbox should be checked so to prevent someone from logging into SN as a normal user would.  I would like to know that if SSO is enabled, t...

Dorothy by Tera Contributor
  • 10512 Views
  • 6 replies
  • 5 helpfuls

Pen Testing on ServiceNow Instance

Hi, We are trying to find out more on Penetration testing on our ServiceNow Instance and have the following questions - Do we have to use third party tools to do Penetration testing? if so are there are recommendations from anyone who has used those?...

Aman22 by Mega Contributor
  • 7422 Views
  • 4 replies
  • 7 helpfuls

VR - Qualys integration stopped working

Encountered error running the integration. Error: Invalid response code 403 received from Qualys Qualys integration with VR (NewYork 9a) has been working ok, with a nightly run.  All of sudden stopped working and saw that Qualys account was locked.  ...

Scott58 by Kilo Contributor
  • 2026 Views
  • 4 replies
  • 0 helpfuls

Resolved! Vulnerability groups

Does anyone have a recommendation and / or best practices on how to group, categorize  or define Vulnerability groups recieved from Rapid7. I am trying to reduce the number of groups and auto assign vulnerability items as they are received in Service...

Chuck S1 by Tera Contributor
  • 4895 Views
  • 7 replies
  • 12 helpfuls

Resolved! ServiceNow Rest API throwing error (401 UNAUTHORIZED)

Hello Experts  As part of automatic Incident creating in SNOW I am consuming the API  https://XXXXXX.service-now.com/api/now/table/incident from windows .net The response i am receiving as below. {StatusCode: 401, ReasonPhrase: 'Unauthorized', Versio...

ANEEF by Kilo Explorer
  • 3037 Views
  • 2 replies
  • 0 helpfuls