Combined Unified Security Exposure Management release notes for upgrades from Vancouver to Zurich

zurich Combined Product Files

Release

yokohama

ft:locale

en-US

ft:publication_title

zurich Combined Product Files

ft:clusterId

delta3zv

bundleId

delta3zv

Combined Unified Security Exposure Management release notes for upgrades from Vancouver to Zurich

Release version: Yokohama

Updated January 30, 2026

9 minutes to read

Consolidated page of all release notes for Unified Security Exposure Management from Vancouver to Zurich.

How to use this page

To help you prepare for your upgrade, we have combined the cross-family Unified Security Exposure Management release notes onto one page. Read this summary of the new features, changes, and updated information for your product from Vancouver to Zurich.

Tip:

If there were no updates for a release notes section in a certain family release, we included a short note for your reference. For example, if a product did not have any updates in Tokyo, the row says "No updates for this release."

Important information for upgrading Unified Security Exposure Management to Zurich

Before you upgrade to Zurich, review these pre- and post-upgrade tasks and complete the tasks as needed.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	Unified Security Exposure Management is available to all customers who are entitled to Vulnerability Response, however, migrating to USEM is a major upgrade that introduces a unified architecture for improved performance, scalability, and streamlined workflows. Before upgrading, leverage the Migration assistant for Unified Security Exposure Management that is available as an update set. See the Migration Guidance to Unified Security Exposure Management [KB2556844] Knowledge Base article for more information. This tool provides a guided experience for plugin installation, data mapping, rule migration, and post-migration validation, reducing risk and manual effort. Ensure all integrations and workflows are reviewed for compatibility before initiating migration. For more information, see Migrating to USEM and Migrate to USEM.

New features

Between your current release family and Zurich, new features were introduced for Unified Security Exposure Management.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	Enhanced security exposure management Introduced Security Exposure Management Workspace for all security personas, providing a centralized platform for managing security exposures. It includes the following views: Findings view: Comprehensive filtering, dashboard creation, and visualization controls enable efficient analysis and prioritization. Remediation view: Multiple work modes (tasks, findings, assets) facilitate effective remediation strategies. Approval view: The Exception Management UI now provides enhanced insights directly within the Change Approval record, enabling approvers to make informed decisions without navigating to related records. Additionally, the Approver landing page has been redesigned with an improved table view and additional columns, delivering better visibility and context for all findings. These enhancements streamline the approval workflow, reduce manual effort, and accelerate decision-making for exception requests. Streamlined administration Introduced Administration console to enable one-stop configuration for all Unified Security Exposure Management applications, including assignment rules, classification rules, and remediation targets. It provides consistent workflows across Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance applications. Centralised Approval Experience via Employee Service Center The Employee Service Center ESC now provides a standardized approval experience for Business Unit Heads, Service Owners, and IT Heads who may not regularly access the USEM platform. This enhancement ensures that vulnerability-related approvals can be managed from a single, central location, improving efficiency and transparency. Configure approval workflow with unified Approval Rules The Approval Rules now provide a standardized way to configure approval workflows across multiple findings and remediation task tables in Security Exposure Management. Administrators can now define approval conditions, select applicable tables, and configure multi‑level approvers through a single, unified interface. [Placeholder link text to key bundle-security.vr-cloud-security-landing] The Cloud Exposure View is a workspace that is supported by USEM. The Cloud Exposure View provides a single location for cloud security teams to monitor and act on all their cloud-related security findings from multiple vendors across their cloud environments. Monitor integrations USEM introduces integration monitoring capabilities within the Security Exposure Management Workspace Administration console. Administrators can now view and troubleshoot integration run statuses for installed third-party applications, ensuring better visibility and operational health. Generate insights to prioritize findings SEM Workspace uses Now Assist to bring generative AI to your dashboard. This capability helps you focus on critical risks and make informed decisions faster, improving overall security outcomes. It provides: Contextual summaries to quickly understand your security posture Actionable recommendations to address prioritized risks Create custom widgets in the Visualization Library Create and manage custom widgets in the finding view of the SEM workspace to visualize findings data that align with your organization’s reporting needs. The Visualization Library lets you define widget attributes such as chart type, visualization group, and data filters, enabling you to build dashboards that highlight the insights most relevant to your teams. This flexibility helps you focus on meaningful security metrics and make data-driven decisions. Improved remediation target date handling Remediation target (RT) dates now dynamically recalculate when a finding’s risk rating changes. When enabled, the system recalculates the SLA from the most recent risk rating update date, preventing RT dates from being set in the past and ensuring accurate SLA tracking. Improved exception management Manual and automated exception request and approval workflow: Flexible, customizable workflows streamline submission, review, and approval of exception requests. Comprehensive exception tracking and audit trails: Detailed records of approvals, justifications, and timelines support compliance efforts and simplify regulatory reporting. Consistent remediation task management Unified task management: Supports both manual task creation and automated rule-based task generation across all Unified Security Exposure Management applications. Centralized rule definition: Enables efficient management of tasks across Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance applications. Advanced risk management Risk calculators: Introduced for all Unified Security Exposure Management applications, enabling definition of risk rules based on multiple factors and calculation mechanisms. Risk rollup calculators: Aggregate scores from findings to higher-level entities, ensuring consistent risk scoring across applications. Generate Recommendation AI-powered recommendations for Exception and False Positive requests: Provides an on-demand recommendation to approve or reject a request using the Now Assist Skill framework to analyze contextual data such as vulnerability details, risk factors, exploit availability, and related indicators. The recommendations are accessible directly from the Exception Change Approval record in the Security Exposure Management Workspace, enabling approvers to make faster, more consistent decisions while reducing the manual analysis effort. Exception Rule & Change Approval Enhancements Change Approval Creation for Exception Rule submission: Previously, Change Approval (CA) was created only for a few types of exception requests. Now, the Change Approval(CA) is also created during exception rule submission. This enhancement verifies consistency across exception workflows and improves traceability. Vulnerability Intelligence Tile on Change Approval Record: The Vulnerability Intelligence Tile is added to change approval records, displaying vulnerability intelligence such as CISA KEV information, Known ransomware indicators, and EPSS percentile. This tile is visible only when Intelligence and App-Vuln NVD plugins are installed. This enhancement provides approvers with critical threat context for informed decision-making. Summary Tiles on Change Approval Record: The Impact Tile is added in the overview tab of the Change Approval record to provide approvers with the visibility of the impacted count information such as, Impacted CIs, Total Findings, and Total Vulnerabilities on the Change Approval for a Remediation Task. This enhancement improves visibility of potential impact during approval or rejection of requests. Application-Based Filtering on Approvals View: Added filtering capability on the Approvals view by application type such as: Application vulnerabilities (AVR), Container vulnerabilities (CVR), Infra Vulnerabilities (VR), and Misconfigurations (CC). This capability enables approvers to quickly drill down and manage approvals by category. Reapply Assignment Rules for Deferred and Manually Assigned Items: Introduced the ability to reapply assignment rules for Deferred items and Manually assigned items. This enhancement provides the flexibility to reassign items through the Re-evaluate action in the list view.

Changes

Between your current release family and Zurich, some changes were made to existing Unified Security Exposure Management features.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Removed

Between your current release family and Zurich, some Unified Security Exposure Management features or functionality were removed.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Deprecations

Between your current release family and Zurich, some Unified Security Exposure Management features or functionality were deprecated.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Activation information

Review information on how to activate Unified Security Exposure Management.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	Unified Security Exposure Management is a ServiceNow AI Platform feature that is available with activation of the Security Exposure Management (com.snc.security_support.core). For details, see Install Unified Security Exposure Management.

Additional requirements

If any additional requirements were introduced or changed for Unified Security Exposure Management we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Browser requirements

If any specific browser requirements were introduced or changed for Unified Security Exposure Management we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Accessibility information

Review details on accessibility information for Unified Security Exposure Management, such as specific requirements or compliance levels.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	Dark theme The new Coral theme includes a dark theme option for web and mobile experiences. This option is commonly used to alleviate eye strain and improve readability.

Localization information

If there are specific localization considerations for Unified Security Exposure Management we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	No updates for this release.

Highlight information

If there are specific highlight considerations for Unified Security Exposure Management we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.
Zurich	Rearchitecture of Vulnerability Response apps: Unified Security Exposure Management introduces a complete rearchitecture of its applications, delivering a standardised data model and modular workflows. This transformation ensures consistent features across all modules, simplifies configuration, and enables flexible, role-based experiences. The modular approach allows faster updates and seamless integration, creating a scalable and future-ready platform. Security Exposure Management Workspace: Centralized platform for managing security exposures with Findings and Remediation views. Administration console: One-stop configuration for all USEM apps, including rules, email templates, email notifications, and severity mapping for integrations. Enhanced exception management: Streamlined exception request and approval workflows with comprehensive tracking and audit trails. Use generative AI with features in the SEM workspace that are included with the Now Assist for Vulnerability Response application. See the Now Assist for Security Incident Response (SIR) and Now Assist for Vulnerability Response (VR) release notes for more information. See Unified Security Exposure Management for more information.