Now Assist for Security Operations (SecOps) release notes

  • Release version: Store
  • Updated June 11, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Now Assist for Security Operations (SecOps) release notes

    Now Assist for Security Operations (SecOps) is a ServiceNow application that enhances Security Incident Response through generative AI capabilities. It empowers SOC teams by automating analysis, recommendations, and workflow enhancements to improve incident management efficiency and effectiveness.

    Show full answer Show less

    Key Features

    • Generative AI Skills and Agentic Workflows: Introduced product tiers offering AI-driven skills and automated workflows to accelerate incident resolution and analysis starting from April 2026 (version 6.0.0).
    • Post-Incident Analysis Skill: Automatically generates detailed post-incident reports including root cause analysis, impact assessment, and recommendations. This feature supports editing and saving analysis within both the Security Incident Response Workspace and UI16 legacy interfaces (introduced November 2024, version 1.1.2).
    • Recommended Actions Skill: Generates actionable next steps for analysts to close security incidents, with options to edit and save recommendations as worknotes or response tasks (introduced November 2024, version 1.1.2).
    • Correlation Insights: AI-driven insights that analyze configuration items (CIs) to support incident understanding. Improvements and bug fixes have been applied to enhance accuracy and UI visibility.
    • Security Incident Resolver v2: Expanded AI runbooks and agentic workflow capabilities to improve automated incident resolution (March 2026, version 4.3.1).
    • Quality Assessment Reports: Uses generative AI to produce quality assessment reports based on predefined rule sets, providing summaries and detailed rule assessments (December 2025, version 4.1.5).
    • Role Masking: Enhanced security by enabling role masking for agentic workflows and AI features (December 2025, version 4.1.5).
    • Model Updates: Transitioned to the Now LLM Long-Term Support (LTS) model for improved AI skill performance and stability.

    Fixes and Improvements

    • Resolved issues with feedback submission on AI-generated recommended actions for non-admin users.
    • Fixed display problems with change requests in correlation insights.
    • Improved chronological summarization and weighting of recent events in AI-generated summaries.
    • Performance enhancements for generating correlation insights and wrapping up security incidents.
    • Added generative AI validators and preprocessors to improve accuracy and reliability of correlation insights.
    • Removed dependency checks to simplify installation processes.

    Practical Impact for ServiceNow Customers

    ServiceNow customers using Now Assist for SecOps can expect streamlined incident response workflows powered by AI, enabling faster root cause identification, actionable recommendations, and comprehensive incident assessments. Role masking and security enhancements ensure controlled access to sensitive workflows. Continuous improvements and model updates support better AI accuracy and user experience, aiding SOC teams to manage security incidents more effectively on the ServiceNow platform.

    Version history for the Now Assist for Security Operations (SecOps) application on the ServiceNow Store.

    Important:
    For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

    Version history

    Version 6.1.2 - June 2026
    • Fixed:
      • Submitting feedback on AI-generated recommended actions fails for non-admin users (e.g., analysts).
      • Correlation Insights - No output for certain CIs.
      • Generate Insights action visible even when Now Assist for Security Incident Response was not installed.
    • Changed:
      • Summarization skill enhancement to honor chronological order of events and to give more weightage to recent activity.
      • AI Gradient styling for Correlation Insights and Summarization.
    Version 6.0.1 - May 2026
    Changed: Removed install as a dependency check.
    Version 6.0.0 - April 2026
    New: Created product tiers to offer generative AI skills agents, agentic workflows, and features to help customers start with generative AI on the ServiceNow Platform.
    Version 4.3.5 - April 2026
    Fixed: Role masking Gap: Added generative AI request/response validators and preprocessor/postprocessor for the Correlation Insights feature.
    Version 4.3.1 - March 2026
    • New: Skill to evaluate natural language conditions.
    • Changed:
      • Security Incident Resolver v2 - AI Runbooks.
      • Extending security incident resolver agentic workflow capabilities.
    Version 4.2.1 - January 2026
    Fixed: Pre-run enabled tool fixed for the Shift Handover workflow.
    Version 4.1.5 - December 2025 (Zurich)
    • New:
      • Use generative AI to create a quality assessment report of a security incident. The reports are generated using a predefined, natural language rule-set. The quality assessment report provides an overall assessment summary followed by a detailed assessment for all the rules.
      • Provided support for all existing skills and agentic workflows with the new Now LLM LTS model.
      • Enabled Role Masking for all existing agentic workflows.
    • Changed:
      • All the skills under Now Assist for Security Incident Response are now turned ON by default.
      • Performance improvement for the Wrap Up Security Incident use case.
      • Improved Performance for Generating Correlation Insights.
    • Fixed: Bug fixes for Correlation Insights.
    Version 4.0.1 - November 2025
    Fixed: Change Requests were not getting displayed on the correlation insights modal
    Version 1.1.2 - November 2024
    • New:
      • Generate post-incident analysis skill:
        • Automatically generate a post-incident analysis for a security incident that includes a root cause analysis, impact assessment, and learning and recommendations information.
        • You have the option to edit and save generated analysis details.
        • Post-incident analysis is supported for security incidents in the Security Incident Response Workspace and in UI16 (legacy).
          • The generated post-incident analysis is saved in the Post incident analysis field on the Details tab and on the Overview tab on security incidents after you close them in the Security Incident Response Workspace.
          • InUI16 (legacy), the generated post-incident analysis is displayed on the Post Incident Review tab of the security incidents.
    • Generate security incident recommended actions skill:
      • Within the workflow and upon request, generate the next recommended steps your analysts can follow to help them close a security incident.
      • You have the option to edit and save recommended steps to worknotes or create a response task.
      • This skill is supported for security incidents in the Security Incident Response Workspace and in UI16 (legacy).
    Version 1.0.0 - August 2024
    Empower your SOC team with Generative AI capabilities for Security Incident Response.