Resolved! DevSecOps
Hello, can someone share with me a link for training or guidance regarding DevSecOps? Thanks in advance.
Forum Posts
Resolved! How do i add the Vulnerability score (v4) to the VIT form
How do i add the Vulnerability score (v4) to the VIT form. I want this field to be populated from the NVD table if a value exist for each CVE, just as the V3 and V2 score. I am tempted to use a business rule but I am open to any ideas.
Risk Score Calculation from Vulnerability Calculators
Can we calculate risk score by having field value in range in risk calculator criteria and not exact value...likewise x field value is 0.8...so instead of that can we have the field value as 0.7-0.9...as such I am taking in range and it's not working...
Do you assign VITs to users, or only groups?
We received a request to allow users to use list_edit on the sn_vul_vulnerable item table, to bulk assign VIT to themselves. OOB there is an ACL that prevents ANYONE from using list_edit on the VIT table (and sn_vul_vulnerability VUL as well) ... whi...
Matched Discovered Items have empty 'Matching type for the DI' field
We have Rapid7 integration setup for Vulnerability response. Many of the Discovered Items that have 'Matched' state has empty 'Matching type for the DI' field. How is this possible?Is this a known error or is this happening due to some gaps?
New Wiz integration from servicenpw
Has anyone installed the new Wiz Vulnerability Response integration and uninstalled the old one ? we are seeing deprecated tables hanging around especially the Wiz details tab. looking to see what solutions were implemented
'Public Exploit' field in Vulnerability
Does any know how the value for 'Public Exploit' field is populated in the Vulnerability database?On our instance the value is set to 'unknown' for all the vulnerabilities.I am not able to find any information about the field in ServiceNow documentat...
Resolved! Search directly for CVE’s with Tenable.sc plugin-based integration
Our VR integration is with tenable sc. The data comes in as tenable plugins (third party entries) We would like a way to search for CVEs without having to go through Tenable plugins (Third party Entries). This is really for reporting/ Performance Ana...
Rescan Vulnerability Subflows Shipped with VR
Summary: We recently implemented SecOps / Vulnerability Response integrated with our Tenable instance (working great!) Our Info Security teams run scans only once a month, so they remain static unless you click the ‘Rescan’ UI action from ServiceNow,...
Resolved! Tenable.sc Fixed Vulnerabilities Integration failing
We have configured Tenable.sc integration on our instance. All jobs are working fine except - Tenable.sc Fixed Vulnerabilities Integration.The job keeps on failing and we get below error. FYI, we don't want new items to be inserted for fixed vulnerab...
How to Clone a Widget to the Home Page on the ESC Portal?
Hi, I want to display the Software widget (currently available on a page) on the home page of the Employee Service Center (ESC) portal. Could someone guide me on how to clone or move this widget to the home page without breaking its functionality? Th...
Resolved! Information on _queryMatch
I am trying to understand exactly how _queryMatch works in the Lookup Rules. There is very little information other than the start of the default scripts.// _queryMatch function checks if the query returns 0, 1 or more than 1 CI. // it returns: // ...
How to create an Asset query from tenable to ServiceNow
Hi, I am trying to get a query for the scheduled import of assets from tenable SC to ServiceNow, I already have one with the following:Type: VulnerabilityTool: Vulnerability Detail ListBut I don't know if this is correct and I need some more query to...
Security operations integration
Do we have an integration facility with MSFT Defender Attack Surface Manager? If yes, kindly share any documentation w.r.t integration procedures
Is "Secure Attachment" in Security incident Response safe to upload malicious files?
Hi all, I want to know how the "Secure Attachments" are managed on ServiceNow. Say we have a phishing email that got escalated to a security incident or the analyst wants to submit a malicious file to sandbox, is it safe to upload it in "Secure Attac...
