Using generative AI skills in Now Assist for Vulnerability Response
Vulnerability managers and analysts can resolve remediation tasks from within their flow of work with the generative AI skills supported by Now Assist for Vulnerability Response.
- Some Now Assist skills, agents, and agentic workflows are turned on by default
- The skills are automatically available to appropriate role users for the application, such as ITIL roles on incident forms or change forms. This change simply activates the skill and does not touch the roles that may be
needed to use the skill. The new default behavior works as follows:
- New customers: When you install a Now Assist product, designated skills and agentic workflows are turned on automatically.
- Existing customers who are upgrading (starting with Yokohama Patch 11): Any previously unconfigured skill, agent, or agentic workflow is turned on automatically (the AI asset was never configured and turned on, then turned off again). Previously configured skills and agentic workflows that were turned on, then off, remain inactive.
Skills reuse
By default, all skills exist in the global domain. When you use Now Assist in a domain-separated environment, users are only able to access data in their domain. For example, if a user uses the summarization skill, Now Assist only uses material that exists in the user's domain when generating that summary. Additionally, there is no co-mingling of data for domain-separated instances when using generative AI skills. The data resides only on the instance, and the shared services used for generative AI do not persist any requests (prompts) and responses. For more information, see Domain separation in the Now Assist Admin console. (Note that global domain is not the same as global scope. For more information, see Exploring Next Experience pickers.)
Overview of Now Assist for Vulnerability Response skills
With generative AI skills with Now Assist for Vulnerability Response, your vulnerability managers and analysts have the option to:
- Generate insights to prioritize findings
Use generative AI to provide insights based on contextual summaries and provide actionable recommendations.
- Get exception and false positive approval recommendations
Use generative AI to provide on-demand approval and false positive recommendations.
- Create an API connector with Now Assist for Vulnerability Response.
Use generative AI to automatically populate steps in the API Connector builder.
Note:You must install and activate the required applications in addition to Now Assist for Vulnerability Response to use the generative AI skill to help you create your own API connector. - Identify duplicate vulnerable items with Now Assist for Vulnerability Response
Identify and group duplicate vulnerable items (VITs) created from multiple scanners. Identify the primary vulnerable item and remove (close) duplicates.
- Suggest preferred vulnerability solutions with Now Assist for Vulnerability Response
Identify the most appropriate preferred solution for a given vulnerable item (VIT).
Note:- You must install and activate Vulnerability Solution Management [sn_vul_solution] to import and view preferred and available vulnerability solutions. This application provides you with current solutions with scheduled imports. Vulnerability Solution Management is available on the ServiceNow® Store.
- This generative AI skill supports only active host vulnerable items (VITs). VITs must be in the Open, Under Investigation, Awaiting Implementation, or In Review states.
- Current solutions that most effectively address vulnerabilities, also referred to as solutions of the highest supersedence, must be available for you to import from third-party vendors. See Vulnerability Solution Management for more information about Vulnerability Solution Management and supported integrations for more information.
- The Configuration item field on a VIT must be populated with a value from the Configuration Item [cmdb_ci] table.
- The Vulnerability field on a VIT must be populated.
- Generate a recommendation for approval impact analysis
- Generate insights to prioritize findings
Understand your security posture with AI-generated summaries and recommendations to help you prioritize and act on critical findings.