Evaluate vulnerability exposure data with Security Exposure 360

  • Release version: Australia
  • Updated May 26, 2026

    Use the Security Exposure 360 agentic workflow to review vulnerability data about your environment. Vulnerability analysts and remediation owners can enter questions in plain language and receive comprehensive answers about host vulnerabilities, container vulnerabilities, and container test results.

    Before you begin

    Note:
    Depending on your license, you will have access to certain application features, generative AI skills, agentic workflows, and AI agents. For more information, see ServiceNow product tiers.

    Roles required: sn_vul.vulnerability_analyst or sn_vul.vulnerability_admin

    Procedure

    1. Navigate to All > Workspaces > Security Exposure Management.
    2. Select the Now Assist icon in the header.
      The Now Assist panel is displayed. If you don't see the Now Assist icon in the header on the page, you must activate the Now Assist panel. For more information, see Activate the Now Assist panel standard chat.
    3. Select Exposure 360 from the available options.
    4. At the prompt, enter your question in natural language.

      For example: How many active vulnerable items have a 'Critical' risk rating?

      Note:
      Now Assist generates responses based on the data available in your environment. Review answers for accuracy before acting on them.
      The agentic workflow supports results for all types of findings in Unified Security Exposure Management (USEM), including host vulnerable items (VITs), container vulnerable items (CVITs), and container test results (CTRs) in your environment.
      Note:
      To view CVITs and CTRs, you must have the Container Vulnerability Response and Configuration Compliance applications installed.
    5. Optional: If the response indicates no records, you might refine your question so it is more specific.

      If you include field labels or field values in your question, make sure they match the information on vulnerability records exactly. For example, a 'Critical' risk rating might correspond exactly to the value 1 - Critical in the Risk rating fields on vulnerability records. Rephrasing your question to include specific field labels or field values can help improve the accuracy of the returned results.