Hello all, I have recently had an instance of Security Operations installed in our environment that we are struggling to get value out of. The current situation has us getting an incident created, then once its created - the analyst has to take th...
How do I install ServiceNow Security Operations in the demo instance? I need to be able to test some applications for vendors integrations with my org and do not wish to do this in my prod environment. I need to be able to use my personal dev instanc...
Hello, I need some suggestions to fix an issue that appeared on a customer's instance. Basically, some approvers aren't able to read RITMs they're approving. Which is strange, since from perspective on process, I don't understand how someone would ap...
Can anyone explain how Risk Score on Vulnerable Item and Vulnerable Group is calculated? The risk score calculator and roll-up calculator doesn't really make sense I have already gone through the attached: https://docs.servicenow.com/bundle/londo...
Hi, I am trying to explore the Security Operations tanium Integration plugin. Can I please get an information on what all field related data can be gathered with tanium? Example: IP address, serial number, MAC address etc. What would be a preffered s...
I have an issue with my PIR not being generated into a PDF file and attaches itself into the SIR form once the state has been closed. The OOB BR "Generate PIR PDF" was set to inactive by default and I was still able to generate out a PDF. I have do...
Hi, I am trying to integrate Qualys with ServiceNow (London) using the Setup assistant and getting the following error. Can anyone help?
Hey Folks, I have an unusual situation where we are trying to restrict download the file types in ServiceNow instance by means of "Instance security dashboard" So i have specified the file types under system property 'glide.ui.strict_customer_uploade...
Hi All,I would like to know about certain points for importing CVE's into ServiceNow through NIST NVD data base : 1) NVD data feeds table 'sn_vul_nvd_repo' shows Recent and Modified, what is the significance and difference between the entries stored ...
Hi, I need to understand how the process behind rollup calculators works. I do know it uses a weighted average of scores but what I need to know is how do you apply a calculator to a vuln group or groups. Unlike vulnerability calculators where th...
Hi Secops Experts, I am planning to integrate ServiceNow vulnerability application with Qualys Vulnerabilities for pulling in data to ServiceNow. What is your suggestion for this integration on data consideration. 1) Should I pull all vulnerabilities...
What is the basic difference between edge level and column level encryption. What is the most specific to work with for data encryption.
Hello, In Sightings Search Configuration it is possible to create multiple searches per Observable Type. Is it possible to then allow analysts to chose the search they want to use when running a Sightings Search in an SIR? For example, I'd like to ha...
Does anyone have a best practice or workflow suggestion on using the SecOps module for Insider Threat investigations? One requirement is making sure that the scope of knowledge is limited to just one group in the SOC. Therefore, VM and IR teams are...
Hello everyone, I'm developing Security Incident Response module for a cliente. It's my first experience managing scopes. I have created an update set on Security Incident scope but when I do some changes I see the following records created on the up...
