Resolved! What is the Security Module in SNOW?
Hi, What is the Security Module in SNOW? Why we require the same? Could you please explain in detail. Regards,
SecOps forum
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- ServiceNow Community
- Products
- Security Operations
- SecOps forum
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Sort by Question Start Date
Forum Posts
ACL in Update Sets
Hi All, I'd like to raise a small question: If modifying the ACLs require security_admin role; while moving update sets having ACL changes from one instance to another instance, one should have a security_admin role. Please suggest. Thanks, Vishal
Resolved! Where do we set up the User reported Phishing email address?
The docs say that we need to define an email address such as acme+phishing@service-now.com as the forwarding address for the possible phishing emails. https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-respon...
Resolved! Get running processes
Referring doc https://docs.servicenow.com/bundle/london-security-management/page/product/security-incident-response-orchestration/task/obtain-WMI-retrieval-workflow.html It says when I add windows/Unix CI, and put incident in analysis state, system a...
Resolved! Vulnerability Scanner
Can we scan CIs in my CMDB without Qualys or any thrid party vulnerability scanner? Just with my vulnerability base application?
Resolved! SecOps email parsing setup - email properties - not receiving email
Hi I'm trying to setup an email parser in security operations using McAfee ESM as an example. According to doc, it seems that Security Ops email properties handles 4 email adress' and you can add more by separating by commas. The questions is which...
Authentication Single Sign On with Key cloak or similar services
Is it technically possible to connect to one SNOW instance from two places using two different authentication mechanisms like LDAP and also Key Cloak. If yes, do we need specific connector or is there an available readymade connector?
Is there more information on Playbooks?
For example, can we create our own? Can we edit them?
Resolved! Failed Login Attempts not logged in the user table
When a user attempts to log into our Servicenow instance with incorrect credentials the login.failed event gets triggered however the user never gets locked. The user should be locked out after 3 login attempts. In the password reset properties the...
Has anyone integrated Vulnerability with Tenable Professional instead of Tenable Security Center?
The application on Store seems to only be available for Security Center, not for Professional
Email Parsing vs Inbound Email Actions
Do we need an inbound email action, when there is already an email parsing for security operations? How is both different from each other and should both be used for processing inbound emails for security incidents or just email parsing.
SecOps email inbox for incident creation
Hi folks, I realise there is a similar question here around this topic but I don't think it fully answers my current problem and my SIRI book is not very clear on the matter... I am currently implementing Security Incident Response which has a couple...
How we can Procure the SSL/TLS certificates for ServiceNow Mid Server.
Hi All, As per our Client requirement it is asked to increase Mid Server Security.We have gone through the Link carefully-->https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/mid-server/concept/mid-server-security-encryption.h...
Mobile App Screen Shot Disabled?
How can I enable Mobile App screen shot's for our development instance? My personal instance allows screen shots on my Android Samsung 8 using the Service Now mobile app, but our development instance does not. I am an administrator, etc. We need t...
Resolved! How to prevent ServiceNow from auto-assigning users to an incident?
I am currently using ServiceNow to create security incidents based on alerts from my SIEM. My issue is that while I am able to select the correct group for the incident assignment, it is currently auto-assigning the incident to random users in that g...
Labels
-
Application Vulnerability Response
25 -
Best Practices
37 -
Calculator
2 -
Cloud
2 -
CMDB
17 -
Configuration Compliance
42 -
Container Vulnerability Response
12 -
Cybersecurity Executive Dashboard
1 -
DLP
4 -
Flow Designer
6 -
integration
5 -
Integrations
38 -
MSIM
2 -
Multiple Versions
13 -
Now Assist for SecOps
4 -
Now Assist for VR
1 -
Qualys
13 -
Security Incident Response
178 -
Security Operations
79 -
Security Posture Control
3 -
Threat Intelligence
33 -
Threat Intelligence Security Center
2 -
TISC
2 -
Trusted Security Circles
1 -
Unified Security Exposure Management
3 -
Vulnerability Response
319 -
Workflow
11
New solutions
