Security & privacy tab in AI Control Tower

  • Release version: Australia
  • Updated March 12, 2026

    Review AI asset security metrics such as access issues, dormant and privileged AI agents, and map the relationships of your ServiceNow agents, agentic workflows, and tools.

    The Security & privacy tab of AI Control Tower offers a dashboard-based overview of your AI asset security metrics, presented as several visualizations. In addition to tracking metrics, the Security & privacy tab contains the access map, a tool that gives a node-graph visualization of the relationships between your ServiceNow agents, agentic workflows, and tools. You can use the map to investigate the relationships between your AI agents and workflows further.

    Note:
    You can drill down into the data on each widget by selecting the chart.

    Security & privacy tab on the AI Control Tower dashboard.

    ServiceNow AI Insights

    ServiceNow AI Insights require that the Now Assist AICT Security Posture Summarizer skill is enabled. For more details, see Activate a Now Assist skill.

    AI Control Tower AI insights summarize positives and potential issues to remediate to improve the overall security posture of your instance.
    • Positives: Enabled settings and features that help improve your security posture.
    • Areas for Attention: Low- to medium-risk items to resolve.
    • High Impact Observations: High-risk items to resolve.
    • Actions: Suggested action items to address Areas for Attention and High-Impact Observations.

    Access map

    The Access map displays a node map detailing the relationships of your ServiceNow® agents, agentic workflows, and tools. You can use the map to review these relationships, configure agent details, and resolve access issues. The map includes filters for both agents and agentic workflows. You can open the access map by either navigating to All > AI Security and Privacy > Access Map, or selecting the link in the dashboard. See Using the access map to learn how to use the access map.
    AI Control Tower access map.

    If a warning icon appears on any agent, that agent may have access issues. Select the warning icon to see details such as the workflow, agent, and tool associated with the access issue.

    In Access issues, the User ID is the ID of the user who ran the agent.
    AI Control Tower access map with access issues shown.

    AI asset security score

    The AI asset security score is a measure of the health of your AI assets in terms of access issues, privileged AI agents, and dormant AI systems.
    ServiceNow AI asset security score.

    AI assets impacting your score
    To see more information about your score, select See details in the Security & privacy tab. A list view shows the AI assets that are included in your AI asset security score calculation. Your score is the average of all managed AI assets listed. Users should actively manage and review their agent assets and not rely solely on this AI asset security score.
    You can exclude an AI asset from your score by selecting a row and selecting Mute. For example, you can mute an AI asset if you determine that remediating the asset’s issue would be a risky change. You can also configure the score to remove large language model (LLM) guardrail categories from the score or change the weights of categories. For more information, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Table 1. AI asset details
    Column        Description
    AI system     Name of the AI asset.
    Category      Type of issue, such as dormant AI system, privileged AI agent, or access issue.
    Provider      Whether the asset is provided by ServiceNow or is external.
    Score impact  The percentage impact to your AI asset security score.
    Date          Date the issue occurred.
    AI Task       The AI asset security task to remediate the issue, if applicable.

    Access

    Access issues

    The Access issues chart displays the proportion of AI agents that may be experiencing access-related issues and lists the top AI systems with access issues. AI agents with access issues may be unable to complete their workflows. Hover over a portion of the chart to see the exact proportion and count of agents.


    Donut chart detailing the AI agent access issues.

    You can create AI asset security tasks directly from the list view by selecting Create AI task. See all active AI asset security tasks in AI assets in the AI Task section. Access to this section requires the sn_vsc.task_manager role.

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    Privileged AI Agents

    The area chart shows AI agents with elevated permissions, such as an agent with admin or security admin permissions, that can perform critical actions. Some workflows require that AI agents have elevated permissions to complete. Hover over a portion of the chart to see the exact number of privileged agents on that day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider drop-down list. You must have an AWS account configured for your instance and the Now Assist AiSP AWS IAM Privileged Policy Checker skill enabled. For more details, see AI connections setup and Activate a Now Assist skill.


    Area chart detailing the privileged AI agents.

    You can create AI asset security tasks directly from the list view by selecting Create AI task. See all active AI asset security tasks in AI assets in the AI Task section. (Role required: sn_vsc.task_manager.)

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    Dormant AI systems

    The area chart shows AI agents that have not been active for over 90 days. Review dormant AI agent permissions to reduce security risk. Hover over a portion of the chart to see the exact number of dormant AI systems for that day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider drop-down list. You must have an AWS account configured for your instance. For more details, see AI connections setup.


    Area chart detailing dormant AI systems.

    When an AI agent becomes dormant, an AI asset security task is created automatically to streamline your workflow and help you resolve issues quickly. The AI asset security task is assigned to the agent’s owner. See all active AI asset security tasks in AI assets in the AI Task section.

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    ServiceNow instance access to MCP servers

    MCP server access metrics include MCP client-server interactions routed through this instance's AI Gateway. Interactions that bypass the AI Gateway or are routed through another instance's AI Gateway aren't included.

    Clients connecting to MCP servers
    The Clients connecting to MCP servers chart shows the top 10 clients (ServiceNow AI agents or registered third-party MCP clients) connecting to MCP servers through this instance's AI Gateway. MCP server access metrics are captured for all client-server interactions routed through the AI Gateway. To see more clients, select the chart to drill down into the data.
    Authorized access attempts to MCP servers
    The Authorized access attempts to MCP servers chart shows successful access attempts from MCP clients to MCP servers through this instance's AI Gateway. Clients include ServiceNow AI agents and registered third-party MCP clients. To see more attempts, select the chart to drill down into the data.
    Failed access attempts to MCP servers
    The Failed access attempts to MCP servers chart shows unsuccessful access attempts from MCP clients to MCP servers through this instance's AI Gateway. Clients include ServiceNow AI agents and registered third-party MCP clients. To see more data, select the chart to drill down into the data.

    Guardrails

    Prompt injection
    These charts show prompt injection data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more details, see Now Assist Guardian analytics.
    Offensive content
    These charts show offensive content data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more details, see Now Assist Guardian analytics.
    Sensitive data

    The Sensitive data detected chart shows sensitive data that was identified in user responses to Now Assist prompts. Exposure of sensitive data is limited to the LLM in your instance.

    The Sensitive data anonymized chart shows prompt data that met configured data patterns. This data was anonymized based on the configuration for the pattern in Configuration Data Patterns in Data Privacy.

    Data integrity incident detection
    The Data integrity incident detection chart is designed to help show potential violations of certain LLM guardrail policies. ServiceNow analyzes the AI agent’s output from each of its tasks deterministically to detect potential violations. You can choose to include or omit these policies. For more information about policies and how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Agent goal deviation
    The Agent goal deviation chart is designed to help identify when AI agents may have deviated from their intended role or objective during execution. Deviations include but aren’t limited to unauthorized actions or prompt injection attempts. The data is collected by analyzing agent execution history and then evaluated by AI. You can choose the data models to include or omit. Due to the probabilistic nature of the analysis by data model, not all occurrences may be identified. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    AI agent output with PII detected
    The AI agent output with PII detected chart shows when agents' LLM output potentially contains personally identifiable information (PII). The data is collected by analyzing LLM output for PII sensitive data patterns specified in Data Privacy and additional PII patterns. These are the default Data Privacy sensitive data patterns: credit card, date of birth, email, Social Security number, U.S. bank ABA routing number, and U.S. phone number.

    ServiceNow analyzes the AI agent's output from each of its tasks deterministically, based on the widely known patterns listed (for example, U.S. phone number, credit card number, or Social Security number), to find potential security vulnerabilities.

    You can choose to include or omit potential PII patterns to detect. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
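
    The following added example (not ServiceNow code) shows what deterministic PII detection over agent output can look like, and why a checksum step matters: a bare digit regex flags ticket and order numbers as card or routing numbers. It covers five of the six default pattern names listed above; the regexes, validators, and sample text are assumptions constructed for illustration.

```javascript
// Added example. Pattern names follow the defaults listed above; the regexes
// and validators are assumptions, not ServiceNow's Data Privacy definitions.
const PII_PATTERNS = [
  { name: 'credit card', re: /\b\d(?:[ -]?\d){12,18}\b/g, validate: luhnValid },
  { name: 'Social Security number', re: /\b\d{3}-\d{2}-\d{4}\b/g, validate: ssnValid },
  { name: 'U.S. bank ABA routing number', re: /\b\d{9}\b/g, validate: abaValid },
  { name: 'U.S. phone number', re: /(?<!\d)(?:\+1[ .-]?)?(?:\(\d{3}\) ?|\d{3}[ .-])\d{3}[ .-]\d{4}(?!\d)/g },
  { name: 'email', re: /\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b/g },
];

// Luhn checksum: rejects most random 13-19 digit runs (ticket numbers, IDs).
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    const d = Number(digits[digits.length - 1 - i]) * (i % 2 ? 2 : 1);
    sum += d > 9 ? d - 9 : d;
  }
  return sum % 10 === 0;
}

// ABA checksum: 3(d1+d4+d7) + 7(d2+d5+d8) + (d3+d6+d9) must be a multiple of 10.
function abaValid(d) {
  const n = [...d].map(Number);
  const sum = 3 * (n[0] + n[3] + n[6]) + 7 * (n[1] + n[4] + n[7]) + n[2] + n[5] + n[8];
  return sum > 0 && sum % 10 === 0;
}

// SSA never issues area 000, 666 or 9xx, group 00, or serial 0000.
function ssnValid(d) {
  return !/^(?:000|666|9)/.test(d) && d.slice(3, 5) !== '00' && d.slice(5) !== '0000';
}

// Keep only the last four characters so findings do not re-store the PII.
const mask = (s) => '*'.repeat(Math.max(s.length - 4, 0)) + s.slice(-4);
function scanForPii(output) {
  const findings = [];
  for (const { name, re, validate } of PII_PATTERNS) {
    for (const m of output.matchAll(re)) {
      if (validate && !validate(m[0].replace(/\D/g, ''))) continue;
      findings.push({ pattern: name, index: m.index, masked: mask(m[0]) });
    }
  }
  return findings.sort((a, b) => a.index - b.index);
}

// Constructed agent output (no real data).
const SAMPLE_OUTPUT = 'Refund to card 4111 1111 1111 1111; ticket ref 4111 1111 1111 1112.\n' +
  'Caller SSN 123-45-6789, routing 123456780, order 123456789.\n' +
  'Reach the user at 415-555-0134 or jane.doe@example.com.';
```

    Calling scanForPii(SAMPLE_OUTPUT) returns five findings; the ticket reference and the order number match the digit regexes but fail their checksums and are dropped.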
    Agentic output injection detection
    The Agentic output injection detection chart shows when agents' LLM output potentially contains known security-vulnerable patterns. These patterns are Eval-Function-Audit, Html-Tag-injection, Non-printable-class, Script-Tag-injection, SQL-query-injection, and Terminal-RCE from the sn_data_discovery_data_pattern table in the AI Security and Privacy application.

    ServiceNow analyzes the AI agent's output from each of its tasks deterministically, based on the patterns listed, to find potential security vulnerabilities. For example, HTML tags that have scripts associated with them can enable cross-site scripting (XSS) attacks, and stacked SQL queries could result in SQL injection attacks.

    You can choose to include or omit potential patterns to detect. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Note:
    These security-vulnerable patterns are ever-evolving, so not all patterns may be identified.
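
    As an added illustration (not ServiceNow code), the sketch below scans per-task agent output against five of the six pattern names listed above, tallies hits per pattern as a chart would, and supports omitting patterns. Every regex and sample output is an assumption constructed here; Terminal-RCE is left out because the page gives no detail on what it matches.

```javascript
// Added example. Pattern names come from the page; each regex is an assumed
// stand-in, not the content of the sn_data_discovery_data_pattern table.
const OUTPUT_PATTERNS = {
  'Script-Tag-injection': /<\s*script\b/i,
  // Tag carrying an inline event handler or a javascript: URL.
  'Html-Tag-injection': /<[a-z][^>]*\s(?:on[a-z]+\s*=|(?:href|src)\s*=\s*["']?\s*javascript:)/i,
  // Stacked query: a statement terminator followed by another statement.
  'SQL-query-injection': /;\s*(?:select|insert|update|delete|drop|alter)\b/i,
  'Eval-Function-Audit': /\beval\s*\(/,
  // Control characters (except tab, LF, CR), zero-width and bidi controls.
  'Non-printable-class': /[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F\u200B-\u200F\u202A-\u202E]/,
};

// Scan each task's output. `omit` mirrors the include/omit choice described above.
function scanTaskOutputs(tasks, omit = []) {
  const active = Object.entries(OUTPUT_PATTERNS).filter(([name]) => !omit.includes(name));
  const counts = Object.fromEntries(active.map(([name]) => [name, 0]));
  const flagged = [];
  for (const { taskId, output } of tasks) {
    const hits = active.filter(([, re]) => re.test(output)).map(([name]) => name);
    hits.forEach((name) => { counts[name] += 1; });
    if (hits.length) flagged.push({ taskId, hits });
  }
  return { counts, flagged };
}

// Constructed task outputs (task IDs and text are made up for this example).
const SAMPLE_TASKS = [
  { taskId: 'T1', output: 'Summary: the evaluation finished; no action needed.' },
  { taskId: 'T2', output: '<p>Status</p><script src="//cdn.example/x.js"></script>' },
  { taskId: 'T3', output: '<img src="logo.png" onerror="notify()">' },
  { taskId: 'T4', output: "SELECT name FROM users WHERE id = '7'; UPDATE tickets SET state = 7" },
  { taskId: 'T5', output: 'SELECT count(*) FROM tickets;' },
  { taskId: 'T6', output: 'Ticket closed.\u200B' },
];
```

    With the sample input, T1 and T5 stay clean: "evaluation" is not an eval( call, and a single statement with a trailing semicolon is not a stacked query.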