Viewing AI Exposures

Release version: Australia

Updated June 4, 2026

3 minutes to read

Summarize

Summarized using AI

Summary of Viewing AI Exposures

The AI Exposures module within the Security Exposure Management workspace provides a centralized dashboard to view and manage the entire attack surface related to AI security findings. It consolidates various AI exposure types, including AI vulnerabilities, AI validation findings, and AI posture findings, enabling ServiceNow customers to monitor and remediate AI-related security risks effectively.

Show full answer Show less

Access to this module requires specific roles such as vulnerability admin, vulnerability analyst, and remediation owner for both general vulnerabilities and AI-specific vulnerabilities.

Key Features

Dashboard Navigation: Accessible via Workspaces > Security Exposure Management > AI Exposures, the dashboard aggregates data through a scheduled daily job, with an option to refresh on demand for the latest insights.
Overview Section: Displays total counts and remediation statuses for AI vulnerabilities, validation findings, and posture findings, categorized by open, unassigned, approaching target, and overdue statuses.
AI Vulnerabilities Tab: Focuses on vulnerabilities found in open source AI models, showing scan metrics such as open vulnerabilities, models scanned, and findings segmented by risk rating, categories, MITRE ATLAS techniques, and open versus closed state.
AI Validation Findings Tab: Presents results from automated penetration testing and red teaming to validate AI model behavior, with metrics on open and mitigated findings, active guardrails, models tested, and number of attacks.
AI Posture Findings Tab: Highlights configuration-related vulnerabilities to ensure AI assets comply with policies and controls, detailing open findings, affected agents, tools, system prompts, and MCP servers, along with findings sorted by risk rating, platforms, posture rules, critical agents, MITRE ATLAS techniques, and OWASP LLM categories.
Interactive Cards (Widgets): Each section contains clickable cards that open filtered lists of records, enabling detailed investigation by categories such as risk rating, threat categories, attack techniques, and specific AI models or platforms.
Inventory Breakdown: Provides a count and breakdown of AI assets with reported findings to help track exposure across different AI components.

Data Management and Aggregation

The dashboard relies on imported and aggregated data stored in specific tables corresponding to AI model scans, vulnerability entries, validation findings, and posture findings. Daily aggregation jobs ensure data is current, enabling customers to rely on up-to-date security exposure insights.

Key tables include:

AI Scan Summaries and Findings
Discovered AI Assets and Vulnerability Entries
Model Files
AI Validation Findings, Threats, and Signatures
AI Posture Findings, Rules, and Guardrails

Practical Benefits for ServiceNow Customers

Gain comprehensive visibility into AI security exposures to proactively manage risks.
Use role-based access to delegate vulnerability management and remediation tasks effectively.
Leverage detailed metrics and categorized findings to prioritize remediation efforts based on risk and compliance status.
Monitor AI models and configurations continuously to maintain compliance with security policies.
Utilize interactive dashboard elements for efficient investigation and tracking of AI security issues.

Access the entire attack surface across various types of findings on the AI Security Exposure Management dashboard on the AI Exposures module. See AI exposures as a dedicated module of the Security Exposure Management workspace.

AI Exposures overview

See Exploring AI Security Exposure Management for an overview and more information about the application.

Roles required.

sn_vul.vulnerability_admin
sn_vul.vulnerability_analyst
sn_vul.remediation_owner
sn_sec_ai.vulnerability_admin
sn_sec_ai.vulnerability_analyst
sn_sec_ai.remediation_owner

There are three categories of AI exposures that are displayed on the dashboard.

AI vulnerabilities
AI validation findings
AI posture findings

Navigate to Workspaces > Security Exposure Management > AI Exposures.

The totals displayed on the dashboard are aggregated (totaled) by a scheduled job that by default runs daily. When you open dashboard, these aggregated results from the scheduled <name> job are displayed. To see data on-demand, select Refresh. This activates the background job and the page refreshes with the aggregated result when the job completes.

Select a tab to view visualizations for each category.

Overview section

The Overview section displays the total counts of finding remediation status for AI vulnerabilities, AI validation findings, and AI posture findings of AI exposures for Open findings, Unassigned, Approaching Target, and Overdue.

Select a tab to filter your lists by category and select a tile to open the filtered lists.

AI vulnerabilities tab

This is data about vulnerabilities that are discovered in open source AI models that are published in repositories.

Scan metrics section

Select a card (widget) to open a list of records.

Open vulnerabilities
Models scanned
Model files scanned

Findings

Select a card (widget) to open a list of records.

By risk rating
By top 5 categories
By top 5 MITRE ATLAS techniques
By open vs closed state

AI validation findings tab

These findings are from third-party automated penetration testing or automated red teaming done to verify the behavior of some of these models by scanning them against their prompt libraries.

Validation metrics section

Select a card (widget) to open a list of records.

Open validation findings
Mitigated findings
Active guardrails
Models tested
Number of attacks

Findings section

Select a card (widget) to open a list of records for Model vulnerability findings.

Select a card to open a list of records for model validation findings.

By risk rating
By top 5 threat categories
By top 5 attack techniques
By MITRE ATLAS techniques
By top 5 models

AI posture findings tab

These are findings for configuration-related vulnerabilities to help you verify that your AI assets are in compliance with your policies and controls.

Posture metrics

Select a card.

Open AI posture findings
Agents with findings
Tools with findings
System prompts with findings
MCP servers with findings

Findings

Select a card for AI posture findings.

By risk rating
By top 5 platforms
By top 5 AI posture rules
By top 5 critical agents by platform
By top 5 MITRE ATLAS techniques
By top 5 OWASP LLM categories

Inventory

AI models (total count) - A breakdown of AI inventory showing counts of different AI assets with findings reported.

Tables storing imported data and used for the dashboard

For scans of AI models, imported data is populated on the following tables and used for the dashboard. The data is aggregated, and the system currently runs daily aggregations.

For model vulnerabilities, imported data is populated on the following tables and used for the dashboard.

AI Scan Summaries [sn_sec_ai_scan_summary]
AI Scan Findings [sn_sec_ai_scan_finding]
Discovered AI Assets [sn_sec_ai_src_ci]
AI Vulnerability Entries [sn_sec_ai_vul_entry]
Model Files [sn_sec_ai_file]

For model validations, imported data is populated on the following tables and used for the dashboard.

AI Validation Findings [sn_sec_ai_validation_finding]
AI Validation Threat [sn_sec_ai_validation_threat]
AI Threat Signatures [sn_sec_ai_threat_signature]

For AI posture findings, imported data is populated on the following tables and used for the dashboard.

AI Posture Finding [sn_sec_ai_posture_finding]
AI Posture Rule [sn_sec_ai_posture_rule]
Finding guardrail [sn_sec_ai_m2m_finding_guardrail]