Now Assist for Vulnerability Response release notes
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Now Assist for Vulnerability Response Yokohama Release Notes
Now Assist for Vulnerability Response enhances vulnerability management by enabling analysts and remediation owners to autonomously resolve vulnerable items through intelligent workflows and generative AI skills. The Yokohama release introduces significant updates, including default activation of certain skills, expanded AI model provider options, and tighter role-based access controls for agentic workflows and AI agents.
Show less
Key Features
- Generative AI Skills: Identify duplicate host vulnerable items, differentiate primary vulnerabilities from duplicates, and suggest preferred remediation solutions based on integrated third-party data and configuration context.
- Agentic Workflows: Automated workflows such as Assess Vulnerability Exposure and Analyze Vulnerability Remediation Status help managers determine exposure to critical vulnerabilities, track SLA compliance, and prioritize remediation efforts.
- Integration with Security Posture Control: Now Assist supports creating API connectors in the Security Posture Control workspace to streamline service graph connector setup and enhance risk prioritization.
- Expanded AI Model Providers: Support for Google Gemini and Anthropic Claude on AWS supplements existing AI models from Now LLM Service and Azure OpenAI, broadening AI capabilities.
- Role-Based Access Control Enhancements: New granular roles improve control over read/write access to remediation compliance insights. Additional security configuration is required for agentic workflows and AI agents to function properly, ensuring secure execution.
- Default Skill Activation Behavior: For new customers, designated Now Assist skills activate automatically upon installation. For existing customers upgrading to Yokohama Patch 11 or later, any previously unconfigured skills are enabled by default, while manually deactivated skills remain inactive.
- Usage Measurement Update: Now Assist usage tracking moved to a 365-day burn-down model resetting annually on the contract date, providing clearer usage metrics.
Practical Implications for ServiceNow Customers
- Customers can leverage AI-driven workflows to automate vulnerability analysis, remediation recommendation, and duplicate detection, reducing manual effort and improving accuracy.
- Security administrators must review and configure roles for agentic workflows and AI agents to ensure proper access and execution rights.
- Integration with Security Posture Control simplifies connector creation and enhances vulnerability risk prioritization within the ServiceNow platform.
- Upgrading to Yokohama requires attention to skill activation states and role configurations to maintain intended system behavior and security posture.
- Access to the Now Assist for Vulnerability Response application is via the ServiceNow Store, with installation requiring a request through that channel.
The Now Assist for Vulnerability Response application can help your vulnerability analysts and remediation owners resolve vulnerable items autonomously with intelligent workflows and generative AI skills. Now Assist for Vulnerability Response was enhanced and updated in the Yokohama release.
Now Assist for Vulnerability Response highlights for the Yokohama release
Yokohama Patch 11
- Review changes to Now Assist usage measurement. See the "Changed in this release" section below.
- Some Now Assist skills, agents, and agentic workflows are on by default.
- Additional role configuration is required for agentic workflows and AI agents included with Now Assist applications.
- Use Now Assist for Vulnerability Response with Security Posture Control to help you with Creating an API connector in the Security Posture Control workspace.
- Yokohama Patch 6
Help your analysts identify duplicate host vulnerable items and analyze available remediation options with generative AI skills with Now Assist for Vulnerability Response.
- Use Google Gemini and Anthropic Claude on AWS as AI model providers for Now Assist skills and AI agents in addition to Now LLM Service and Azure OpenAI.
See Now Assist for Vulnerability Response for more information.
Important:
Now Assist for Vulnerability Response is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.
Important information for upgrading Now Assist for Vulnerability Response to Yokohama
For more information about required applications for Now Assist for Vulnerability Response, see Supporting information for Now Assist for Vulnerability Response.
Note:
Upgrading the Now Assist plugins activate any designated skills that were previously untouched by the customer.
- If you have the plugins installed but never touched the configuration (never activated the skill nor adjusted associated roles) of a skill, any Default On skill will be activated on a per skill basis upon upgrading.
- If you have previously toggled a skill from active and then back to inactive or have updated any roles for that skill, that skill remains inactive upon upgrading.
- You maintain full control over deactivating individual skills at any time after activation.
New in the Yokohama release
- Yokohama Patch 11
- Role configuration required for agentic workflows and AI agents
- Agentic workflows and AI agents included with Now Assist applications require additional security configuration. If you select Users with selected roles for your user access security controls for an agentic workflow or AI agent, you must add the installed roles, or they will not execute. Data access settings must also include these roles. See the documentation for the agentic workflow or AI agent for the specific roles you must add.
- Some Now Assist skills are turned on by default
- The new default behavior works as follows:
- New customers: When you install a Now Assist product, designated skills are turned on automatically.
- Existing customers who are upgrading (starting with Yokohama Patch 11): Any previously unconfigured skill is turned on automatically (the skill was never configured and turned on, then turned off again). Previously configured skills that were turned on, then off, remain inactive.
- Use Now Assist for Vulnerability Response in Security Posture Control
- You have the option to use Now Assist to help you automatically complete some of the steps in the Connector builder in the Security Posture Control workspace. Use the Connector builder to create your own service graph connectors for Security Posture Control.
- Generate insights to prioritize risks
- Use generative AI to provide contextual summaries, actionable recommendations, and quick links in the Security Exposure Management Workspace, helping you prioritize critical risks and accelerate remediation.
- Generate recommendation for approval impact analysis
- Use generative AI to provide on-demand recommendations to approve or reject a request directly from the Exception Change Approval record, enabling approvers to make fast, consistent decisions while reducing manual analysis effort.
- Yokohama Patch 8
- Granular roles
- The sn_vul_ai.write_rem_insights and sn_vul_ai.read_rem_insights granular roles have been added and are inherited by the sn_vul.vulnerability_admin and sn_vul.vulnerability_analyst roles automatically. These roles provide you with more control over read and write access for the records on the Remediation Compliance Insights [sn_vul_ai_remediation_insights] caching table. The VR.System role also inherits these granular roles so background job execution for the workflow can occur.
- Yokohama Patch 6
- Identify duplicate vulnerable items with Now Assist for Vulnerability Response
- Use generative AI to identify duplicates for your active host vulnerable items that are imported by your vulnerability scanners. Use generative AI reasoning with Now Assist to help your analysts differentiate between primary vulnerability items (VITs) and those VITs that are duplicates. Close duplicate VITs and move their associated detections automatically to the primary VIT records.
- Suggest preferred vulnerability solutions with Now Assist for Vulnerability Response
- Use generative AI to analyze available remediation options pulled from integrated third-party products like Red Hat, Tenable for Vulnerability Response, or internal solution management systems. Evaluate each option against the specific configuration item context, for example, the OS version or software version, and get recommendations for the most viable fix for implementation.
- New third-party AI model provider options available for all Now Assist applications
- Google Gemini and AWS Claude are available for Now Assist skills and AI agents in addition to Now LLM Service and Azure OpenAI.
- Yokohama Patch 3
- Using agentic workflows in Now Assist for Vulnerability Response
-
The Assess vulnerability exposure agentic workflow enables vulnerability managers to determine your exposure to vulnerabilities.
- Determine your exposure to the most current Cybersecurity and Infrastructure Security Agency (CISA) known vulnerabilities in your environment and assess their potential impact to your configuration items (CIs) and business services.
- Identify assets with Common Vulnerabilities and Exposures (CVEs).
- Determine the number of active vulnerability items (VITs) that correspond to CVEs. Create watch topics for VIT remediation.
The Analyze vulnerability remediation status agentic workflow enables vulnerability managers to monitor and assess remediation target compliance.- Track Service Level Agreement (SLA) compliance - Understand how effectively your organization is meeting remediation goals for vulnerabilities based on your SLAs.
- Analyze missed SLAs by severity, assignment group, and configuration item (CI) class - Pinpoint gaps in remediation by categorizing overdue VITs based on severity, assignment groups, and CI classes to enable targeted interventions and smarter resource allocation.
Changed in this release
- Yokohama Patch 11
- Changes to Now Assist usage measurement
- Starting with Yokohama Patch 5, Now Assist usage measurement is transitioning from a 365-day look-back model to a 365-day burn-down model, with usage resetting at the contract anniversary date. For more information, refer to KB KB2704710: Now Assist Usage - Overview & New Measurement Logic.
- Some Now Assist skills are now turned on by default
-
The following Now Assist skills for Now Assist for Vulnerability Response are activated by default.
- Recommend preferred solution for VIT (VR)
- Vulnerable item de-duplication (VR)
- Approval Recommendation (VR)(USEM)
- Security Exposure Management (SEM) Insights (VR)(USEM)
- SPC Setup Connector (Security Posture Control)
- Configure ACLs for AI agents and agentic workflows
- Configure the access control lists for who can discover and trigger AI agents and agentic workflows in their guided setups in AI Agent Studio. You can determine whether an AI agent or agentic workflow behaves as a dynamic user or as an AI user. You can also specify if an AI agent or agentic workflow can be available to all authenticated users or publicly available.
Activation information
Install Now Assist for Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.