Hi,I hope you can help me. I would like to configure the Security Incident Response Workspace, but I don't know where to start. Could you help me with info, more technical, not process and interface.Thanks!
Hi all, How can I remove or hide a column from a Security Incident table list in the SIR workspace. Even make it visible only to admin is fine. Ex. If I want to hide/remove the below columns, is there anyway to do that? Thanks PriorityBusiness Impact...
We recently recreated our remediation target rules and have been rolling them out in phases to UAT. There are some VIT's that are not being assigned a remediation target rule, despite there being a VIT that meets the conditions of the remediation tar...
Hi,A custom table say 'u_test_table' created with only two reference field 'Task' referencing to task table and 'CTR' field referencing to test result table.when this custom table is pulled on the test result table as a related list, as an admin when...
Hello everyone.The data integrated by the SecOps function initially searches the CMDB using lookup rules and identification rules.If there is no CI as a result of the search, a record such as Unclass Hardware is created.This created record is linked ...
I would like to understand how the application behaves during the subsequent month’s scan if the same vulnerability reappears after an FP (False Positive) request has been raised and closed.Currently, we are marking the FP status only in ServiceNow, ...
Hello,In a recent update (or maybe since we switched from using Rapid 7 to Tenable) we have lost the manual "Close" button for Remediation Tasks (VULs). The VUL will close automatically only if all VIT statuses are Closed - Fixed (substate). Many of ...
VIT has been created with old remediation task rule. We have changed the Property "sn_vul.rerun_task_rules" to true and created new Remediation Task rule. We have created new rule, but the issue is the remediation task with new rule is not applied to...
Hi guys, i've installed the application and then i was asked to upload demo data (that i did not upload previously) how can i upload demo data now? thanks in advance
Hi,We have a unload.demo folder in our repository where we store the demo data files for our scoped application. After installing the application and clicking "Load Demo Data", we receive a success message, but no data is actually inserted. However, ...
Hello I am encountering a failure to connect ServiceNow and Nozomi. I have already used and connected the two applications with ServiceNow Service Graph Connector for Nozomi Networks. And Assets and Alert/incidents from Nozomi are loaded to my Servic...
SecOps-VR is working with InsightVM. When InsightVM determines that vulnerability information has been resolved, we expect that re-importing the vulnerability information into ServiceNow will automatically close the corresponding vulnerable items. Wh...
Hello EveryOne, We're observing an issue with the VUL (Remediation Task) state flow when handling exceptions:Raising an exception on a VUL creates a VCA record (moving VUL to In Review)After VCA approval, VUL correctly moves to DeferredWhen the Until...
I am working on converting over our Flows so they can be used in Playbooks under the Security Operations Workspace. The playbooks are calling the Flows properly and all the tasks are shown. It goes all the way to end and the playbook will show comple...
We enabled the 'Auto-close VI's on Retired CIs' option with the Vulnerability Response module. We then marked a CI as "retired". Both status and operational status fields for this CI were set to "retired". However, we are not seeing the existing ope...
