Asset Security Posture Management release notes

  • Release version: Store
  • Updated June 11, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Asset Security Posture Management Release Notes

    The Asset Security Posture Management application provides ServiceNow customers with comprehensive visibility into their enterprise asset inventory and security tool coverage gaps. It integrates vulnerability data from third-party assessment tools to highlight high-risk security lapses, helping organizations audit and improve their asset security posture effectively.

    Show full answer Show less

    Key Features

    • Asset Inventory and Security Coverage: View and manage your enterprise asset inventory, identifying assets lacking critical security protections such as endpoint agents.
    • Policy-Based Auditing and Insights: Activate built-in or custom policies to audit assets and generate insights with various visualization widgets including comparison charts, match counts, percentages, and trends.
    • Enhanced Policy Builder: Advanced filtering options including asset source reporting, first seen timestamps, model-specific queries, and recent activity windows (up to 30 days) improve monitoring precision.
    • Integration with Security Controls: Support for Amazon Web Services (AWS) Web Application Firewall as a mitigation control source, and compatibility with the Service Graph Connector for XM Cyber and Tenable enhance data correlation and security insights.
    • Improved Usability: Organization of custom insights via Groups on dashboards, refined connection filters, and preserved customization during upgrades ensure smooth operations and tailored reporting.
    • Security and Compliance Updates: Alignment of query Access Control Lists (ACLs) with ServiceNow Platform Security guidance safeguards data access and compliance.

    Practical Benefits for ServiceNow Customers

    • Gain a centralized, up-to-date view of your assets and their security tool coverage across your enterprise.
    • Leverage pre-built and customizable policies to detect and prioritize security gaps efficiently.
    • Use advanced filtering and reporting features to tailor asset monitoring based on specific criteria such as discovery timeframes and asset models.
    • Integrate seamlessly with existing security tools and connectors for enriched vulnerability and mitigation data.
    • Ensure compliance with security best practices through regular updates and adherence to platform security standards.
    • Maintain customizations and smooth upgrade paths thanks to automatic preservation of Access Control List changes and conflict prevention measures.

    Version history for the Vulnerability Response Asset Security Posture Management application on the ServiceNow Store.

    Important:
    For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

    Version history

    Version 5.5.2 - June 2026
    • The following enhancements and changes support internal security directives. These changes are applied automatically upon upgrade and your customizations on impacted Access Control Lists (ACLs) are preserved:
      • Updated query ACLs for the Asset Security Posture Management (CAASM) tables to align with ServiceNow Platform Security guidance.
      • Renamed the read-only fix script to a per-plugin name to prevent update set conflicts with other Security Operations plugins.
    Version 5.5.1 - December 2025
    New: The Service Graph Connector for XM Cyber (XM Cyber SGC) is supported in Security Posture Control.
    Version 5.3.5 - August 2025
    Fixed: Asset profile-based filtering in custom insights.
    Version 5.3.4 - May 2025
    • New:
      • Supporting changes for Amazon Web Services (AWS) Web Application Firewall (WAF) as a mitigation controls source.
      • Supporting changes for the asset profiles feature introduced for SPC policies.
    Version 5.3.2 - February 2025
    • Fixed:
      • Retired assets are filtered out from key insights.
      • The logic for use cases on the Connectors and Dashboard pages.
      • Conditions for policies that are included with the application.
    Version 5.1.2 - December 2024
    Fixed: The "With IRM Exception" connection in policy builder now renders the properties properly.
    Version 4.0.0 - August 2024
    New: Added Groups to custom insights that organize your reports on the Configured insights dashboard.
    Version 3.0.3 - June 2024
    Fixed: The 'with-connector-data' connection filters for the applicable classes.The class filter evaluates base and child policy conditions for the list of supported classes.
    Version 3.0.2 - May 2024
    • New:
      • Improvements to the policy builder:
        • Select the Reported only by Connection to monitor assets that are reported from a few specific asset sources but not by any other sources.
        • Select the First seen timestamp with the With CMDB Metadata Connection to look for assets that were first discovered within a given timeframe.
        • Select Model name to query devices for specific model information to help you with security control coverage.
        • Select 'Within the last n days' and type in a number of days up to 30. For example, you can monitor assets with last logon data from Active Directory in last 3 days.
    Version 2.0.2 - March 2024
    • Fixed:
      • Updates to support the base policies for the Service Graph Connector for Tenable.
      • Minor issues with dashboard widgets and drill-down logic on the Home page in the Security Posture Control Workspace.
      • Staging table entries are created for policies that don't perform a CMDB query as expected.
    Version 2.0.0 - February 2024
    • New:
      • Activate policies included with the application and start auditing your assets with key use cases.
      • View your asset inventory for the enterprise on the Home page in the workspace.
      • Use your own policies or the policies included with the application to create custom insights.
      • Use the supported custom insight widgets to create the following types of visualizations on the Custom insights dashboard:
        • Comparison charts.
        • Policy Match counts.
        • Policy match percentages.
        • Policy match trends.
    Version 1.0.1 - August 2023 (Vancouver)
    Initial release: This plugin provides you with an inventory of your enterprise assets and identifies their security tool coverage gaps. Assets identified as missing endpoint protection agents, for example, are associated with vulnerability data from third-party vulnerability assessment tools to give you visibility into combinations of the high-risk security lapses on your enterprise assets.