Update: The video and slides are now available on this page. Hello all, I am pleased to now announce that the follow-up to the February 26 tutorial, will be published on March 27 at 10am PT. This second tutorial will pick up the step-by-step guide ...
Hello all, I have a requirement to bring in all ServiceNow Security Incident Records and any available fields that could be selected into Microsoft Power BI. This is really no different that Excel Power Query but I'm running into issues and gettin...
Hello Folks, My very first post on the platform, a fairly new person to ServiceNow; especially when it is about something that is not out-the-box. I have a request where the customer wants to have the following done when a vulnerable item is identi...
Hello everyone! I'm implementing Vulnerability Response for a client and I did the upgrade to Madrid yesterday. I'm trying to update my VIs through SAM NVD. I did import all the feeds on the NVD libraries. Nothing is created.... all the business rule...
I'm trying to figure out if I should allow xlsm files (Excel Macro Enabled Workbook) into our instance. I want to say "no" just because those files can use VB and I don't know what code people write. Does anyone know if there are security concerns w...
Hi All,I need to connet QRadar SIEM to ServiceNow using the Mid-Server.Which ports I need to open between QRadar and Mid-Server ?RegardsVincenzo
Hello, The user profile we created in service-now authenticates if I enter credentials by hitting the EDL URL from my browser. When I test the same URL from the Palo Alto Firewall(Panorama/v8.1.16) itself, I get a URL access error. I followed the in...
Hello all, So I know event management is the preferred means of dealing with INC in ServiceNow and that when one is using the default ServiceNow incident creation abilities, one can use the Duplication Rules. In our situation, we have so many thin...
Hi All, I'm being asked to step in and assist in create/perform some SecOps ServiceNow ITIL user level training in a few weeks. Looking for examples of Sec Analyst/Manager level ServiceNow training anyone has given or just some pointers on key area...
In our Security Incident module, priority is calculated when the record is first created. It is calculated again if the "Calculate Severity" UI Action is selected (if updates were made that would cause it to change). Any ideas on how I could make th...
with examples
Hello, I'm currently looking to map domains being sent from Splunk to our SNOW environment so that they'll also show up in the observable table. While there are fields for hash and IP, I'm not seeing any that would line up with domain other than othe...
Hi All, I am implementing Vulnerability response module. As part of that we have to implement "Scanner" under the Vulnerability scanning. I have gone through the Service-now doc but unable to implement. Can anybody suggest implementation steps, so ...
Hello all, I have recently had an instance of Security Operations installed in our environment that we are struggling to get value out of. The current situation has us getting an incident created, then once its created - the analyst has to take th...
How do I install ServiceNow Security Operations in the demo instance? I need to be able to test some applications for vendors integrations with my org and do not wish to do this in my prod environment. I need to be able to use my personal dev instanc...