Bitsight for Security Incident Response for ServiceNow: Testing the Configuration Ingrid To test your Bitsight for Security Incident Response by ServiceNow configurations, go to Bitsight for Security Incident Response ➔ Risk Vector Category Mappings. Check if the correct Security Incident category and subcategory are configured for the Compromised Systems risk vectors. Risk Type Mapping Risk Type: potentially_exploited Category: Malware Sub-category: C&C Communicated Outbound Risk Type: malware_servers Category: Rogue server or service Sub-category: None Risk Type: botnet_infections Category: Malicious code activity Sub-category: Botnet Risk Type: spam_propagation Category: Spam source Sub-category: Spam relay Risk Type: unsolicited_comm Category: Reconnaissance activity Sub-category: Port scanning In case these records are not created (i.e., the fix script failed), you can manually create these records as an admin user by clicking the New button on the list. After the import jobs are run (either on schedule or immediately), go to Bitsight for Security Incident Response ➔ Bitsight Observations. October 25, 2021: Published. Related articles Bitsight for Security Incident Response by ServiceNow Bitsight for Security Incident Response by ServiceNow Integration Guide Bitsight Continuous Monitoring for Third-party Risk Management (TPRM) by ServiceNow Bitsight for IT Service Management by ServiceNow: Integration Guide Bitsight for IT Service Management by ServiceNow: Integration Troubleshooting Feedback 0 comments Please sign in to leave a comment.