Vulnerability Response Notifications
Hi Team, Can you please explain me the below vulnerability response notifications? I am finding it hard to understand them. Appreciate your efforts and time.
Forum Posts
force rebuild user role table
I am about to embark on the task of cleaning up user granted roles directly in some cases and role changes in groups. I will be consolidating down duplicated roles given and removing roles directly given to users. I have seen the behavior of a user n...
Resolved! How to Override the Top level (*) ACL to enable one field in child table
Hi Friends, In HR case all the field are get changed to read only, when i verify that there are three TOP level ACL are running on the table so that is the reason it is changing to read only Now i want to enable only one field in child table Pleas...
Resolved! SIRT Auto Assignment
Whenever I submit a security incident, it is picking SIRT group as an Assignment Group. Is there a way to change the this group assignment and select something else? Where can I find the setting for it?
Resolved! What is the Security Module in SNOW?
Hi, What is the Security Module in SNOW? Why we require the same? Could you please explain in detail. Regards,
ACL in Update Sets
Hi All, I'd like to raise a small question: If modifying the ACLs require security_admin role; while moving update sets having ACL changes from one instance to another instance, one should have a security_admin role. Please suggest. Thanks, Vishal
Resolved! Where do we set up the User reported Phishing email address?
The docs say that we need to define an email address such as acme+phishing@service-now.com as the forwarding address for the possible phishing emails. https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-respon...
Resolved! Get running processes
Referring doc https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-response-orchestration/task/obtain-WMI-retrieval-workflow.html It says when I add windows/Unix CI, and put incident in analysis state, system a...
Resolved! Vulnerability Scanner
Can we scan CIs in my CMDB without Qualys or any thrid party vulnerability scanner? Just with my vulnerability base application?
Resolved! SecOps email parsing setup - email properties - not receiving email
Hi I'm trying to setup an email parser in security operations using McAfee ESM as an example. According to doc, it seems that Security Ops email properties handles 4 email adress' and you can add more by separating by commas. The questions is which...
Authentication Single Sign On with Key cloak or similar services
Is it technically possible to connect to one SNOW instance from two places using two different authentication mechanisms like LDAP and also Key Cloak. If yes, do we need specific connector or is there an available readymade connector?
Is there more information on Playbooks?
For example, can we create our own? Can we edit them?
Resolved! Failed Login Attempts not logged in the user table
When a user attempts to log into our Servicenow instance with incorrect credentials the login.failed event gets triggered however the user never gets locked. The user should be locked out after 3 login attempts. In the password reset properties the...
How Risk score is calculated? When the below are changed?
How Risk score is calculated? When the below are changed? Business impact on the Affected Users related listBusiness impact on the Affected Services related listBusiness impact on vulnerabilities on the Vulnerable items related list
Has anyone integrated Vulnerability with Tenable Professional instead of Tenable Security Center?
The application on Store seems to only be available for Security Center, not for Professional
