Knowledge 2026 just wrapped, and if there was one theme that rang loud and clear throughout the week, it was this: AI is only as powerful as the platform it runs on and the platform must be secure. From breakout sessions to mainstage moments, security wasn't a footnote. It was front and center. And for good reason. As organizations lean deeper into automation, AI agents, and enterprise-wide workflows, the attack surface grows with it. The urgency to understand, manage, and own your instance's security posture has never been greater.
That's exactly where Security Center comes in.
What is Security Center?
Security Center is ServiceNow's centralized hub for instance security. Your one-stop shop for understanding, managing, and improving the security posture of your ServiceNow environment. It brings together hardening, scanning, access management, machine identity, and security monitoring.
Security Center is organized into five consoles, each focused on a different dimension of instance security:
- Security posture console: Guided best practices with step-by-step instructions and posture dashboards that surface active privileged accounts, integration accounts, and users who have never logged in.
- Access management console: Proactive misconfiguration detection via access findings, on-demand access diagnostics with Access Analyzer, and scripting governance for default group to keep access controls properly configured.
- Machine identity console: Visibility into inbound integrations and security findings tied to non-human identities like service accounts and third-party connections.
- Other configuration tools console: Hardening score comparison to track compliance over time, customer actions for environment-specific recommendations, and security scanner to automatically detect and surface misconfigurations.
- Monitoring console: Security Event Notifications and Security Metrics to set thresholds, track trends, and ensure your team is alerted before small anomalies become larger problems.
Together, these consoles reflect a core philosophy: security isn't a one-time setup. It's an ongoing practice, and Security Center is built to support that continuously.
It's designed to take the complexity out of instance security and put the control back where it belongs, in your hands.
No Setup Required. It's already there!
One of the most important things to know about Security Center: it's included with the ServiceNow AI Platform and requires no additional installation or configuration to get started. Starting with the Vancouver release, Security Center is installed by default on every instance. There's no store app to track down, no plugin to activate, no professional services engagement required. You log in, navigate to Security Center, and the work can begin immediately.
Navigate to All > Security Center.
In a world where security tools often require weeks of onboarding before they deliver value, Security Center is refreshingly ready from day one.
What's New in Australia (Knowledge 2026)
Hardening risk acceptance
The headline feature for Security Center in the Australia release is hardening risk acceptance, and it's meaningful one.
Your hardening score reflects how well security configurations and policies have been applied across your instance. The closer to 100%, the better your defenses against vulnerabilities. But in the real world, not every hardening setting is immediately actionable. There are valid business, technical, or operational reasons why a setting may remain non-compliant for a period of time and until now, those situations had no formal home in Security Center.
Hardening risk acceptance changes that.
Located within Security configuration console > Security hardening, this feature allows you to formally accept the risk of a non-compliant hardening setting when remediation isn't currently possible.
When you accept a risk, you're prompted to document your explanation: creating a clear, auditable record of the decision. The result: your overall hardening score increases to reflect the intentional, documented risk, with a distinct designation that separates unaddressed gaps from accepted, explained risk.
This is a significant step forward for security governance. It means your hardening score becomes a more accurate and honest picture of your security posture not penalized by known, intentional decisions, but transparent about them.
A quick recap from what we released in Zurich: Access findings in Access management console
If you haven't explored access findings yet, the Australia release is a great time to revisit it. Introduced in the Zurich release, access findings is the proactive detection and remediation layer living inside the access management console within Security Center.
It runs eight out-of-the-box access checks against your instance on a daily schedule, automatically surfacing misconfigurations like missing ACLs on client-callable Script Includes, dormant accounts, etc. When a check detects a violation, it generates an actionable finding with remediation guidance, so you're never left guessing what to do next.
And speaking of access, don't overlook Access Analyzer, which is also accessible directly through Security Center via the Access management console.
Access Analyzer is a powerful diagnostic tool that helps you determine exactly who has access to a given resource on your instance. No more guesswork, no manual role audits, just clear on-demand answers.
Your Call to Action
Security Center is live, it's ready, and it's built to help you take real ownership of your instance security. Here's how to get started today:
Log into your instance and navigate to Security Center.
If you want to explore the newest feature: head to the security configuration console -> security hardening and look for the hardening risk acceptance option on any non-compliant setting you've been meaning to address.
Not sure where to start? That's fine too. The Security Center landing page is designed to meet you where you are, with your hardening score, security tasks, access findings, and best practices all visible from the moment you arrive.
Security is a journey, not a destination. But with Security Center, you're never walking it alone.
Learn More
- Security Center Documentation
-Upcoming Academy Session for Security Center on June 30, 2026. Register here.
Have questions about Security Center or want a guided walkthrough? Reach out to the AI Platform Security team or email: InstanceSecurity@servicenow.com — we're here to help.
