Exploring Now Assist for Vulnerability Response

  • Release version: Australia
  • Updated June 4, 2026
  • 5 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Exploring Now Assist for Vulnerability Response

    Now Assist for Vulnerability Response leverages generative AI skills and agents within the Vulnerability Response and supported applications to enhance vulnerability management workflows. It enables vulnerability managers, analysts, and cybersecurity teams to interact with security data using natural language queries, gain AI-powered insights, automate remediation guidance, and monitor SLA compliance, thereby improving efficiency and decision-making in vulnerability exposure and remediation.

    Show full answer Show less

    Key Features

    • Natural Language Data Queries: Users can ask questions in plain language to retrieve comprehensive vulnerability data across hosts, containers, and test results within Security Exposure 360.
    • AI Security Exposure Management: Provides visibility into AI-specific vulnerabilities, including automated red teaming findings and configuration issues across AI assets.
    • Agentic AI Exposure Assessment: Assesses exposure to known vulnerabilities, identifies affected assets, understands business impact, and creates watch topics for remediation.
    • Smarter Remediation Guidance: Offers AI-recommended fixes and remediation options based on asset context to accelerate vulnerability resolution.
    • Remediation and SLA Visibility: Monitors remediation progress, SLA compliance, and missed targets segmented by severity, team, and asset type.
    • Exception Approvals with Impact Analysis: Facilitates faster, data-driven decisions on exception requests with on-demand risk and business impact analysis.
    • Custom API Connectors: Enables developers to build API connectors using the Security Posture Control workspace to extend integration capabilities.
    • Vulnerable Item Deduplication: Identifies and consolidates duplicate vulnerability items to streamline data accuracy.
    • Dashboards and Reports: Provides actionable visualizations to track remediation progress, highlight critical exposures, and communicate risk posture to stakeholders.

    Intended Users

    • Vulnerability Managers and Analysts: Retrieve vulnerability data, prioritize remediation efforts, track SLAs, receive remediation assistance, and manage exception approvals.
    • Chief Information Security Officers (CISOs): Monitor overall security posture, assign remediation tasks, and oversee dynamic prioritization of AI exposures.
    • Developers and Cybersecurity Teams: Accelerate creation of custom API connectors and support integration with Security Posture Control functions.

    Benefits

    • Rapid data retrieval and analysis through natural language queries, reducing manual effort.
    • Enhanced visibility into AI-related vulnerabilities and overall attack surfaces.
    • Context-aware remediation recommendations to improve fix accuracy and speed.
    • Improved SLA tracking enabling proactive management of remediation timelines.
    • Streamlined exception approval process with AI-driven risk assessments.
    • Customizable integration via API connectors to tailor workflows.
    • Elimination of duplicate data for clearer vulnerability tracking.

    Next Steps for ServiceNow Customers

    To maximize the value of Now Assist for Vulnerability Response, explore how to use generative AI skills, configure agentic workflows, and apply AI capabilities specifically within your Vulnerability Response environment. Familiarize yourself with workflow setup and customization to align AI-driven assistance with your organizational security processes.

    Get information about how your vulnerability managers, analysts, and cybersecurity teams can use generative AI skills and agents with Vulnerability Response and supported applications.

    Now Assist for Vulnerability Response overview

    For more information about how generative AI skills and agents are supported in the Unified Security Exposure Management (USEM) workspace, see Now Assist in Unified Security Exposure Management.

    With generative AI skills and agents provided with the Now Assist for Vulnerability Response application, use generative AI to help you with the following tasks:
    Natural language data queries
    Vulnerability analysts and remediation owners can enter questions in plain language and receive comprehensive answers about all types of findings that include host, container, and test results vulnerabilities with Security Exposure 360.
    AI Security Exposure Management
    AI exposures is a dedicated module that provides visibility into the entire AI attack surface, including vulnerabilities, validation or automated red teaming findings, and security posture findings or configuration issues in various AI assets
    Agentic AI exposure assessment
    Assess exposure to known and CISA-listed vulnerabilities, identify affected assets, understand business impact, and create watch topics.
    Smarter remediation guidance
    Compare remediation options that are based on asset context and receive AI-recommended fixes to accelerate execution.
    Remediation and SLA visibility
    Monitor remediation progress, SLA compliance, and missed targets by severity, team, and asset type.
    Exception approvals with impact analysis
    Approve or reject exception change requests with on-demand analysis of risk and business impact.
    Create custom API connectors (Security Posture Control)
    Create your own API connectors in the Security Posture Control workspace with the Connector builder framework module. Note: Security Posture Control and its supported applications are required for this generative AI feature.

    Users

    Table 1. Users
    User Description
    Vulnerability managers, vulnerability admins, and analysts With the Security Exposure 360 agentic workflow, chat with an AI agent using natural language to retrieve host (Vulnerability Response) and Application Vulnerability Response (AVR) data, as well as Container Vulnerability Response and Configuration Compliance data.
    Vulnerability analysts, Chief Information Security Officers (CISO)s Monitors the organization’s overall risk posture across integrated environments, ensuring accurate asset discovery and classification for AI exposures correlation. These roles serve as an escalation point for remediation teams, assigns remediation tasks based on asset ownership and severity, and organizes AI exposure information into dynamic remediation tasks to streamline prioritization. Additionally, the role delivers actionable dashboards and reports to track remediation progress, highlight critical AI exposures, and communicate the current risk posture to stakeholders.
    Vulnerability managers and analysts Determine your exposure to vulnerabilities in your environment and their potential impact to your configuration items (CIs) and business services.
    Vulnerability managers and analysts Get insights into how well you're achieving your remediation targets for vulnerabilities according to your Service Level Agreements (SLAs).
    Vulnerability managers and analysts Provide steps for analysts to remediate vulnerable items (VITs) that are assigned to them with watch topics and remediation efforts.
    Vulnerability managers and analysts Get clear remediation assistance for how to resolve remediation tasks that includes potential, preferred solutions, if they are available.
    Vulnerability managers and analysts Identify and review duplicate vulnerable items that are imported by your vulnerability scanners. Identify the primary vulnerable item that is associated with a configuration item.
    Vulnerability managers and analysts Generate insights to prioritize findings that are based on contextual summaries, actionable recommendations, and quick links in the Security Exposure Management (SEM) workspace.
    Vulnerability managers and analysts Get on-demand recommendations to approve or reject exception requests directly from the Exception Change Approval record in the Security Exposure Management (SEM) workspace.
    Developers and cybersecurity teams Get guidance for how to accelerate the creation of custom API connectors for the Security Posture Control workspace.

    Benefits

    Benefit Feature Users
    Ask questions in natural language to help you quickly retrieve vulnerability and exposure data across legacy sources. Retrieve VR data Vulnerability (host) and Application Vulnerability Response (AVR) managers, admins, and analysts
    AI exposures is a dedicated module that provides visibility into the entire AI attack surface, including vulnerabilities, validation or automated red teaming findings, and security posture findings or configuration issues in various AI assets. Guardrail detector skill and agentic workflow Vulnerability analysts, Chief Information Security Officers (CISO)s
    Understand your security posture with AI-generated contextual summaries, recommendations, and insights to help you prioritize critical findings and take action directly from the findings view. SEM Insights skill Vulnerability managers, admins, and analysts
    Enable exception and false positive approvers to make faster, more consistent decisions while reducing manual analysis effort. Approval Recommendation skill Vulnerability managers, admins, and analysts
    Get guidance for how to accelerate the creation of custom API connectors for the Security Posture Control workspace. SPC Setup Connector skill Developers and cybersecurity teams
    Identify the primary (first-found) vulnerable item for a configuration item and remove duplicate Host Vulnerable items (VITs). Vulnerable item deduplication skill Vulnerability managers and analysts
    Get guidance for how to resolve remediation tasks that includes available potential, preferred solutions from third-party vendors. Recommend preferred solution for VIT skill Vulnerability managers and analysts
    • Identify assets with Common Vulnerabilities and Exposures (CVEs).
    • Determine the number of active vulnerability items (VITs) that correspond to CVEs.
    • Identify business services with known vulnerabilities.
    • Create watch topics for vulnerable item (VIT) remediation based on the information provided. The AI agent can create a Remediation Effort for the active VITs associated with the watch topic.
    		 Assess vulnerability exposure agentic workflow Vulnerability managers and analysts
    Gain insight into the progress of your Service Level Agreement (SLA) compliance summary for the past 30 days. View Groups and Asset Types that missed SLAs to help you track and adjust targets. Analyze vulnerability remediation status agentic workflow Vulnerability managers and analysts
    Retrieve relevant context and details for the vulnerable items assigned to you. Analyze, plan, and create steps for remediation. Remediation Assistance Vulnerability analysts

    What to explore next

    To learn more about generative AI skills and agentic workflows with Now Assist for Vulnerability Response, see: