Using generative AI skills in Now Assist for Vulnerability Response

  • Release version: Yokohama
  • Updated January 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using generative AI skills in Now Assist for Vulnerability Response

    Now Assist for Vulnerability Response enables vulnerability managers and analysts to efficiently resolve remediation tasks by leveraging generative AI skills within their existing workflows. These AI-driven capabilities provide contextual insights, streamline approval processes, and enhance vulnerability management directly within the ServiceNow platform.

    Show full answer Show less

    The generative AI skills are automatically activated for appropriate users based on roles, such as ITIL roles on incident or change forms, with new installations and upgrades enabling these features by default. Data privacy is maintained through domain separation, ensuring users only access data within their domain and that AI interactions do not persist request or response data externally.

    Key Features

    • Insight Generation and Prioritization: AI generates contextual summaries and actionable recommendations to help prioritize critical vulnerability findings and understand security posture.
    • Exception and False Positive Approvals: On-demand AI recommendations assist in approving exceptions and identifying false positives to streamline vulnerability triage.
    • API Connector Assistance: AI helps automatically populate steps in the API Connector builder, simplifying integration setup. Note that additional applications must be installed and activated to use this feature.
    • Duplicate Vulnerable Item Identification: AI identifies and groups duplicate vulnerable items (VITs) from multiple scanners, designates primary items, and supports closing duplicates to reduce noise.
    • Preferred Vulnerability Solutions Recommendation: AI suggests the most appropriate preferred solutions for active host VITs. This requires installing Vulnerability Solution Management, which imports current solutions from third-party vendors and supports only VITs in specific states (Open, Under Investigation, Awaiting Implementation, In Review).
    • Approval Impact Analysis Recommendations: AI generates insights to support approval impact analysis, aiding in decision-making processes.

    Key Outcomes

    • Improved efficiency in vulnerability remediation through AI-driven prioritization and recommendations.
    • Reduced manual effort in handling exceptions, false positives, and duplicate vulnerabilities.
    • Enhanced integration capabilities via AI-assisted API connector creation.
    • Better security posture understanding and decision support from AI-generated summaries and insights.
    • Maintained data security and compliance with domain separation ensuring data is accessible only within appropriate domains and AI data is not stored externally.

    Vulnerability managers and analysts can resolve remediation tasks from within their flow of work with the generative AI skills supported by Now Assist for Vulnerability Response.

    Some Now Assist skills, agents, and agentic workflows are turned on by default
    The skills are automatically available to appropriate role users for the application, such as ITIL roles on incident forms or change forms. This change simply activates the skill and does not touch the roles that may be needed to use the skill. The new default behavior works as follows:
    • New customers: When you install a Now Assist product, designated skills and agentic workflows are turned on automatically.
    • Existing customers who are upgrading (starting with Yokohama Patch 11): Any previously unconfigured skill, agent, or agentic workflow is turned on automatically (the AI asset was never configured and turned on, then turned off again). Previously configured skills and agentic workflows that were turned on, then off, remain inactive.

    Skills reuse

    By default, all skills exist in the global domain. When you use Now Assist in a domain-separated environment, users are only able to access data in their domain. For example, if a user uses the summarization skill, Now Assist only uses material that exists in the user's domain when generating that summary. Additionally, there is no co-mingling of data for domain-separated instances when using generative AI skills. The data resides only on the instance, and the shared services used for generative AI do not persist any requests (prompts) and responses. For more information, see Domain separation in the Now Assist Admin console. (Note that global domain is not the same as global scope. For more information, see Exploring Next Experience pickers.)

    Overview of Now Assist for Vulnerability Response skills

    With generative AI skills with Now Assist for Vulnerability Response, your vulnerability managers and analysts have the option to: