This type of integration workflow helps retrieve a list of active network connections from a host or endpoint, so it can be used to enrich incidents during investigation.
A.
Security Incident Response – Get Running Services
B.
Security Incident Response – Get Network Statistics
C.
Security Operations Integration – Sightings Search
D.
Security Operations Integration – Block Request
The Get Network Statistics capability retrieves a list of active network connections from a host or endpoint. It can be used for incident enrichment during investigations. This capability is triggered automatically when a configuration item is added to a security incident....https://www.servicenow.com/docs/bundle/xanadu-security-management/page/product/security-operations-common/concept/get-network-statistics-capability.html
Explanation: ebook p.147, Get Network Statistics: REtrieves a list of active netowkr connections from an endpoint or host, This capability is used for incident nerichment during investigations.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
NokoNice
3 days, 4 hours agoDukeCheckem
7 months agoSazeka
8 months agoSazeka
8 months agosephereth
11 months, 2 weeks agoMrBravo
5 months agoSazeka
8 months ago