I' d lke to know how to creat VI automatically.I guess there must be something like Script Include, Business rule, Flow designer and Job schedule.However I can't find them...If anyone knows how to be created, then really apprecitated.
Hi, anyone I'm triyng to sell OTM to customer but they already have security tool which provides detect asset in factory but not provide CVE info.As you may know, OTVR can have vulnerability Item by connecting asset and CVE using Service Graph Connec...
Hi All,I want to understand how risk score is populated on Remediation task in Vulnerability response module. If there is any logic through which risk score is populated in remediation task then where can I customize it .Thanks in advance !@isaak_pap...
Hello,I'm searching the How the preferred solution is attached with the remediation Task form,The problem is it seems it not putting the latest one or If I want to verify its correct how I can do it?Can you help here?#Vulnerability #Response #Preferr...
How does "% VIs remediated " (percent_vi_complete) and "% VIs remediated "(percent_nd_vi_complete) gets value in "sn_vul_nvd_entry" table.
I am currently in the process of deploying VR for two separate clients. We have deployed the Vulnerability Solution Management Application as per our normal practice as both clients are entitled to the application. The issue here is that the "Microso...
Hi, We have a bunch of assignment rules configured on vulnerable items based on the values contained in resource tag field of discovered items table. How to re-run assignment rules on vulnerable items when resource tag on discovered item is updated?F...
Hi,We have upgraded our instances to Vancouver but the resource tags on the assignment rules are empty on the record view. When I over the filter conditions from the list view, it shows the resource tag. Tried to update the rules with resource tags a...
Hi All, We need to whitelist few CI's in the vulnerability response application and the customer don't want to see any VIT or VUL record for the same. Is there is any system property or any other alternate mechanism available to achieve this in OOB? ...
We are investigating using the ServiceNow ML Assignment Recommendations. We have already set up, configured, and trained a classification solution. The idea was to test this out by using the code in the below ServiceNow documentation inside of an a...
Hi everyone. I need a layman's term understanding. I have watched videos, but it is not very clear. From Qualys, The system will search using QID in the Discovered Item table, if no record is found, it will invoke the CI Look up rule and then if it a...
Hello, I have checked the auto-close configuration to close the VIT's related to retired CI's.But the VIT's are not getting closed. I checked the scheduled job : Close detections/VIs for decommissioned CIs.In this the sn_vul_ci_di_manifest table does...
Hi All, We have a requirement to update risk rating for existing AVITs. We have written a fix script to update risk rating. Once it is executed, the risk rating is updated to the new value but after some seconds, the system is updating back to previo...
ServiceNow recently added the ability to separate out detections by proof into individual VI (https://docs.servicenow.com/bundle/vancouver-security-management/page/product/vulnerability-response/concept/add-proof-to-vi-key-rapid7.html). A classic exa...
I am wondering if anybody has used Qualys asset groups in the assignment rule conditions before, I'm trying to avoid using hundreds of IPs/ ranges in the conditions but I can't seem to dot walk to the asset groups.
