I am utilizing an Alert Management Rule (copied the OOB 'create a security incident for critical alerts' and adjusted the Alert filter) to create Security Incidents. We use the Severity from the Security Incident to trigger our SLA definitions. How d...
We are currently using Qualys in our Vuln Response space. When Qualys scans the network, it finds thousands of devices that are just an IP address with no properties. As a result, thousands of CI's are being created in the CMDB of Class Unmatched CI ...
Hey, I had recently created a ServiceNow account and am planning to access asset information using Rest API .When I run my curl command I get the following error .How do I resolve this ? ERROR: getaddrinfo ENOTFOUND "INSTANCEID_PLACEHOLDER".service...
I am in the middle of a Cloud Security audit and they are asking me what specific intrusion detection system(s) is used by ServiceNow to protect our data.
When using affected users you are selecting users who were impacted by the Incident. We have been operating under the assumption that an affected user is the same a compromised user. We have come across instances where the affected user was not com...
We are just getting involved in the Security Incident Response Module. Is there a best practice for setting up a user to create tags in this module. We have quite a large user base and I believe the concern is that it will get out of hand quickly....
We have 50+ workflow triggers and I want to know when a workflow trigger has fired. I see there is a "Response Workflow" in the Security Incidents. If I knew what table this was then maybe I could see what workflows (and, by extension, what triggers)...
Our CMDB is a bit of a mess (working on that as we speak) and I sometimes get VI's that are matched incorrectly to a CI. Is there a way for me to just reassign a VI to a DIFFERENT CI without going and changing matching rules and deleting the CI tabl...
the user connects to link https://xxxx.service-now.com/sys_import.doget an error message: "User Not Authorized" the user is not an admin.How can I fix it?
Rapid7's Nexpose scan generates a risk score for vulnerabilities. ServiceNow also has vulnerabilities risk scores.The risk score from the integration is not loaded instead, the SN risk score (default 50) is what is showing (see second image). How do ...
Can anyone please help me with the difference between the 2 plugins and what are there functionality? What does a notable event mean in this perspective?
Hi all, I want to increase the timing of error message before abort action and redirection of page ,as it is immediately disappear and redirect.I tried with setTimeOut() and wait(). Note:My script is in script section of Record producer. Kindly provi...
Where do we add a new email template for a security incident?
While implementing VR we have come across GRC Indicators as an option, but don't have good examples of what to setup or what is normal to setup. Does anyone have good example implementations for GRC Indicators in relation to Vulnerability Response? I...
I found the below whitepaper on data encryption https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/white-paper/wp-data-encryption-with-servicenow.pdf But how can i find out whether data encryption has been ...
