Get a first look at what's coming. The Developer Passport Australia Release Preview kicks off March 12. Dive in! 

SecOps forum
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Ask a Question

Resolved! SIRT Auto Assignment

Whenever I submit a security incident, it is picking SIRT group as an Assignment Group. Is there a way to change the this group assignment and select something else? Where can I find the setting for it?

James234 by Kilo Contributor
  • 2002 Views
  • 5 replies
  • 0 helpfuls

Resolved! What is the Security Module in SNOW?

Hi, What is the Security Module in SNOW? Why we require the same? Could you please explain in detail. Regards,      

Neha52 by Tera Contributor
  • 2866 Views
  • 3 replies
  • 1 helpfuls

ACL in Update Sets

Hi All, I'd like to raise a small question: If modifying the ACLs require security_admin role; while moving update sets having ACL changes from one instance to another instance, one should have a security_admin role. Please suggest. Thanks, Vishal

Vishal2 by Mega Contributor
  • 3405 Views
  • 6 replies
  • 1 helpfuls

Resolved! Where do we set up the User reported Phishing email address?

The docs say that we need to define an email address such as acme+phishing@service-now.com as the forwarding address for the possible phishing emails. https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-respon...

Steve Quayle by ServiceNow Employee
  • 2838 Views
  • 5 replies
  • 1 helpfuls

Resolved! Get running processes

Referring doc https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-response-orchestration/task/obtain-WMI-retrieval-workflow.html It says when I add windows/Unix CI, and put incident in analysis state, system a...

Khanna Ji by Tera Guru
  • 3228 Views
  • 5 replies
  • 2 helpfuls

Resolved! Vulnerability Scanner

Can we scan CIs in my CMDB without Qualys or any thrid party vulnerability scanner? Just with my vulnerability base application?

Khanna Ji by Tera Guru
  • 2735 Views
  • 9 replies
  • 4 helpfuls

Resolved! Failed Login Attempts not logged in the user table

When a user attempts to log into our Servicenow instance with incorrect credentials the login.failed event gets triggered however the user never gets locked. The user should be locked out after 3 login attempts.   In the password reset properties the...

Tony Santos1 by Tera Contributor
  • 3689 Views
  • 5 replies
  • 1 helpfuls

Email Parsing vs Inbound Email Actions

Do we need an inbound email action, when there is already an email parsing for security operations? How is both different from each other and should both be used for processing inbound emails for security incidents or just email parsing.

SecOps email inbox for incident creation

Hi folks, I realise there is a similar question here around this topic but I don't think it fully answers my current problem and my SIRI book is not very clear on the matter... I am currently implementing Security Incident Response which has a couple...

Brian Lawes by Tera Contributor
  • 4157 Views
  • 3 replies
  • 10 helpfuls

Mobile App Screen Shot Disabled?

How can I enable Mobile App screen shot's for our development instance? My personal instance allows screen shots on my Android Samsung 8 using the Service Now mobile app, but our development instance does not. I am an administrator, etc.    We need t...

victorwelch by Tera Contributor
  • 3358 Views
  • 2 replies
  • 0 helpfuls