File upload security

nancym · ‎02-02-2022

Hi, I had a customer ask me about using the file attachment function for a malicious file... they are wondering if we can get the information from the file without actually storing it. Their concern was someone opening the file and unleashing bad stuff. They want to keep the actual file out of the environment. Does anyone have insight here? Thank you,

Nancy

Alex Cox · ‎02-02-2022

Hi Nancy,

The Secure File Attachment feature in Security Incident Response may help:

https://docs.servicenow.com/bundle/rome-security-management/page/product/security-incident-response/task/manage-file-observables.html

I believe these lookups happen when you use the related UI action illustrated on that page!

Alex

View solution in original post

Alex Cox · ‎02-02-2022

Hi Nancy,

The Secure File Attachment feature in Security Incident Response may help:

https://docs.servicenow.com/bundle/rome-security-management/page/product/security-incident-response/task/manage-file-observables.html

I believe these lookups happen when you use the related UI action illustrated on that page!

Alex