Security & Privacy tab in AI Control Tower

  • Release version: Yokohama
  • Updated July 31, 2025
  • 5 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Security & Privacy tab in AI Control Tower

    The Security & Privacy tab in AI Control Tower provides ServiceNow customers with a comprehensive dashboard to monitor AI security metrics across their instance. It helps track access issues, privileged and dormant AI agents, agentic workflows, and tools, offering actionable insights to improve AI security posture. Access to this tab depends on your entitlements.

    Show full answer Show less

    Key Features

    • Dashboard Visualizations: Interactive charts display the proportion of AI agents with access issues, the ratio of autonomous versus supervised agentic tools, privileged AI agents with elevated permissions, and dormant AI systems inactive for 90+ days. Hovering over charts reveals detailed counts and proportions.
    • AI Security Tasks: From the dashboard, customers can create AI security tasks directly to remediate issues. Tasks older than 180 days are archived, with archival periods configurable via system properties.
    • Access Map: A node-graph visualization maps relationships between ServiceNow AI agents, workflows, and tools. It highlights agents with access issues via warning icons, enabling quick investigation and resolution. Filters allow focused views on agents or workflows.
    • Integration with AWS Bedrock: When AWS accounts are configured, customers can filter metrics for AWS-based AI agents and enable specific skills such as the AWS IAM Privileged Policy Checker for enhanced insights.
    • Now Assist Guardian Analytics: Displays prompt injection and offensive content data if Now Assist Guardian is enabled, providing additional AI security visibility.
    • ServiceNow AI Insights: Requires enabling the Now Assist AICT Security Posture Summarizer skill. It summarizes security positives, areas for attention, high-impact observations, and suggested remediation actions to enhance security posture.
    • ServiceNow AI Security Score: A consolidated metric reflecting the health of AI assets based on access issues, privileged agents, and dormant systems. Customers can view detailed issues influencing the score and choose to mute specific assets from scoring if remediation risks outweigh benefits.

    Practical Benefits for ServiceNow Customers

    • Quickly identify and address AI agent access issues that could disrupt workflows.
    • Monitor and manage privileged AI agents to reduce security risks related to elevated permissions.
    • Detect dormant AI systems to mitigate unnecessary exposure and security vulnerabilities.
    • Visualize relationships between AI components to troubleshoot and secure complex AI interactions.
    • Leverage automated task creation to streamline AI security issue remediation workflows.
    • Enhance AI security visibility by integrating AWS metrics and Now Assist Guardian data.
    • Improve overall AI security posture through actionable insights and a measurable security score.

    Review AI security metrics such as access issues, dormant and privileged AI agents, and map the relationships of your ServiceNow Agents, agentic workflows, and tools. Check your entitlements to determine whether you have access to AI Control Tower Security and Privacy.

    The Security & Privacy tab of AI Control Tower offers a dashboard-based overview of your AI security metrics. The dashboard contains several visualizations detailing AI security metrics. In addition to tracking metrics the Security & Privacy tab contains the access map, a tool that gives an node-graph visualization of the relationships between your ServiceNow Agents, agentic workflows, and tools. You can use the map to investigate the relationships between your AI agents and workflows further.

    Note:
    You can drill down into the data on each widget by selecting the chart.

    Dashboard

    The AI Control Tower dashboard
    Access issues

    The chart displays the proportion of AI Agents experiencing access issues to AI agents without any issues, and lists the top AI systems with access issues. Agents with access issues may be unable to complete their workflows due to the access issue. Hover over a portion of the chart to see the exact proportion and count of agents.

    A donut chart detailing AI access

    You can create AI security tasks directly from the list view by selecting Create AI task. See all active AI security tasks in AI assets in the AI Task section. (Role required: sn_vsc.task_manager.)

    AI security tasks that are resolved and over 180 days old are archived. Archival days can be configured in system properties.

    Autonomous vs. supervised agentic tools

    The chart displays the proportion of autonomous (self-driven) to supervised (human-guided) agentic tools in use. Hover over a portion of the chart to see the exact proportion and count of agents.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider dropdown list. You must have an AWS account configured for your instance. For more details, see AI connections setup.

    A donut chart detailing agentic tools.
    Privileged AI Agents

    The area chart shows AI agents with elevated permissions such as an agent with admin or security admin permissions that can perform critical actions. Some workflows require AI agents have elevated permissions to complete. Hover over a portion of the chart to see the exact number of privileged agents on that day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider dropdown list. You must have an AWS account configured for your instance and the Now Assist AiSP AWS IAM Privileged Policy Checker skill enabled. For more details, see AI connections setup and Activate a Now Assist skill.

    An area chart detailing privileged AI agents

    You can create AI security tasks directly from the list view by selecting Create AI task. See all active AI security tasks in AI assets in the AI Task section. (Role required: sn_vsc.task_manager.)

    AI security tasks that are resolved and over 180 days old are archived. Archival days can be configured in system properties.

    Dormant AI systems

    The area chart shows AI agents that have not been active for over 90 days. Review dormant AI agent permissions to reduce security risk. Hover over a portion of the chart to see the exact number of dormant AI systems for that day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider dropdown list. You must have an AWS account configured for your instance. For more details, see AI connections setup.

    An area chart detailing dormant AI systems.

    When an AI agent becomes dormant, an AI security task is created automatically to streamline your workflow and quickly resolve issues. The AI security task is assigned to the agent’s owner. See all active AI security tasks in AI assets in the AI Task section.

    AI security tasks that are resolved and over 180 days old are archived. Archival days can be configured in system properties.

    Prompt injection
    These charts show prompt injection data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more details, see Now Assist Guardian analytics.
    Offensive content
    These charts show offensive content data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more details, see Now Assist Guardian analytics.

    Access map

    The Access map displays a node map detailing the relationships of your ServiceNow® agents, agentic workflows, and tools. You can use the map to review these relationships, configure agent details, and resolve access issues. The map includes filters for both agents and agentic workflows. You can open the access map by either navigating to All > AI Security and Privacy > Access Map, or selecting the link in the dashboard. The AI control tower access map

    If a warning icon appears on any agent, that agent has access issues. Select the warning icon to see details such as the workflow, agent, and tool associated with the access issue.

    In Access issues, the User ID is the ID of the user who ran the agent.

    ServiceNow AI Insights

    ServiceNow AI Insights require that the Now Assist AICT Security Posture Summarizer skill is enabled. For more details, see Activate a Now Assist skill.

    ServiceNow AI insights summarize positives and potential issues to remediate to improve your overall security posture of your instance.
    • Positives – Enabled settings and features that improve your security posture.
    • Areas for Attention – Low- to medium-risk items to resolve.
    • High Impact Observations – High-risk items to resolve.
    • Actions – Suggested action items to address Areas for Attention and High-Impact Observations.

    ServiceNow AI Security Score

    The ServiceNow AI security score is a measure of the health of your ServiceNow AI assets in terms of access issues, privileged AI agents, and dormant AI systems.ServiceNow AI security score

    AI assets impacting your score
    To see more information about your score, select See details in the Security and Privacy tab. A list view shows the ServiceNow AI assets that are included in your AI security score calculation. Your score is the average of all ServiceNow AI assets listed.
    You can exclude an asset from your score by selecting a row and selecting Mute. For example, you can mute an AI asset if you determine that remediating the asset’s issue would be a risky change.
    Column Description
    AI system Name of the ServiceNow asset.
    Category

    Type of issue, such as dormant AI system, privileged AI agent, or access issue.
    Provider This is always ServiceNow.
    Score impact The percentage impact to your AI security score.
    Date Date the issue occurred.
    AI Task The AI security task to remediate the issue, if applicable.