Hi all, Can someone please explain to me how the 'Age' field is calculated on a vulnerable item. It appears to be in 'days' before change to milliseconds. I'd like to know what is the trigger point for when it changes.
Hi All,I need to connet QRadar SIEM to ServiceNow using the Mid-Server.Which ports I need to open between QRadar and Mid-Server ?RegardsVincenzo
Hello, The user profile we created in service-now authenticates if I enter credentials by hitting the EDL URL from my browser. When I test the same URL from the Palo Alto Firewall(Panorama/v8.1.16) itself, I get a URL access error. I followed the in...
Hello all, So I know event management is the preferred means of dealing with INC in ServiceNow and that when one is using the default ServiceNow incident creation abilities, one can use the Duplication Rules. In our situation, we have so many thin...
Hi All, I'm being asked to step in and assist in create/perform some SecOps ServiceNow ITIL user level training in a few weeks. Looking for examples of Sec Analyst/Manager level ServiceNow training anyone has given or just some pointers on key area...
What is the use of playbook? Can anyone help with some link or PDF regarding playbook functionality.
In our Security Incident module, priority is calculated when the record is first created. It is calculated again if the "Calculate Severity" UI Action is selected (if updates were made that would cause it to change). Any ideas on how I could make th...
with examples
Hello, I'm currently looking to map domains being sent from Splunk to our SNOW environment so that they'll also show up in the observable table. While there are fields for hash and IP, I'm not seeing any that would line up with domain other than othe...
Hi All, I am implementing Vulnerability response module. As part of that we have to implement "Scanner" under the Vulnerability scanning. I have gone through the Service-now doc but unable to implement. Can anybody suggest implementation steps, so ...
Hello all, I have recently had an instance of Security Operations installed in our environment that we are struggling to get value out of. The current situation has us getting an incident created, then once its created - the analyst has to take th...
How do I install ServiceNow Security Operations in the demo instance? I need to be able to test some applications for vendors integrations with my org and do not wish to do this in my prod environment. I need to be able to use my personal dev instanc...
Hello, I need some suggestions to fix an issue that appeared on a customer's instance. Basically, some approvers aren't able to read RITMs they're approving. Which is strange, since from perspective on process, I don't understand how someone would ap...
Can anyone explain how Risk Score on Vulnerable Item and Vulnerable Group is calculated? The risk score calculator and roll-up calculator doesn't really make sense I have already gone through the attached: https://docs.servicenow.com/bundle/londo...
Hi, I am trying to explore the Security Operations tanium Integration plugin. Can I please get an information on what all field related data can be gathered with tanium? Example: IP address, serial number, MAC address etc. What would be a preffered s...
