Hi All, I'd like to raise a small question: If modifying the ACLs require security_admin role; while moving update sets having ACL changes from one instance to another instance, one should have a security_admin role. Please suggest. Thanks, Vishal
The docs say that we need to define an email address such as acme+phishing@service-now.com as the forwarding address for the possible phishing emails. https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-respon...
Referring doc https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-response-orchestration/task/obtain-WMI-retrieval-workflow.html It says when I add windows/Unix CI, and put incident in analysis state, system a...
Can we scan CIs in my CMDB without Qualys or any thrid party vulnerability scanner? Just with my vulnerability base application?
Hi I'm trying to setup an email parser in security operations using McAfee ESM as an example. According to doc, it seems that Security Ops email properties handles 4 email adress' and you can add more by separating by commas. The questions is which...
Is it technically possible to connect to one SNOW instance from two places using two different authentication mechanisms like LDAP and also Key Cloak. If yes, do we need specific connector or is there an available readymade connector?
For example, can we create our own? Can we edit them?
When a user attempts to log into our Servicenow instance with incorrect credentials the login.failed event gets triggered however the user never gets locked. The user should be locked out after 3 login attempts. In the password reset properties the...
The application on Store seems to only be available for Security Center, not for Professional
Do we need an inbound email action, when there is already an email parsing for security operations? How is both different from each other and should both be used for processing inbound emails for security incidents or just email parsing.
Hi folks, I realise there is a similar question here around this topic but I don't think it fully answers my current problem and my SIRI book is not very clear on the matter... I am currently implementing Security Incident Response which has a couple...
Hi All, As per our Client requirement it is asked to increase Mid Server Security.We have gone through the Link carefully-->https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/mid-server/concept/mid-server-security-encryption.h...
How can I enable Mobile App screen shot's for our development instance? My personal instance allows screen shots on my Android Samsung 8 using the Service Now mobile app, but our development instance does not. I am an administrator, etc. We need t...
I am currently using ServiceNow to create security incidents based on alerts from my SIEM. My issue is that while I am able to select the correct group for the incident assignment, it is currently auto-assigning the incident to random users in that g...
How do I remove the assignment group which was assigned automatically upon submit? I have set the assignment rule to "Manually" for the requests. Upon creating and submitting while leaving the assignment group blank, it will be automatically popula...
