Using agentic workflows

  • Release version: Australia
  • Updated May 26, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using agentic workflows

    Agentic workflows in ServiceNow enable the use of AI agents to autonomously complete tasks related to Vulnerability Response. Access to these features depends on your ServiceNow license and product tier. These workflows leverage generative AI and AI skills to streamline vulnerability management processes.

    Show full answer Show less

    Available Agentic Workflows and AI Agents

    The platform offers several agentic workflows designed to assist vulnerability analysts and remediation owners through different stages of vulnerability management:

    • Security Exposure 360: Uses AI agents to evaluate vulnerability exposure data, including host, container, and test result vulnerabilities, allowing users to ask questions in natural language and receive comprehensive answers.
    • Guardrails Detector Agentic Workflow: Helps manage potential AI exposures by identifying guardrails, deferring findings with existing mitigations, or creating exception rules to handle future findings automatically.
    • Assess Vulnerability Exposure: Assesses configuration items (CIs) and business services for exposure to known vulnerabilities, evaluates potential impact, checks for new exploitable vulnerabilities (such as CISA zero-day vulnerabilities), and supports creation of watch topics to remediate issues.
    • Retrieve Vulnerability and Exposure Data: Enables quick retrieval of vulnerability data from legacy sources and the Unified Security Exposure Management (USEM) system using natural language queries.
    • Analyze Vulnerability Remediation Status: Provides insights into compliance metrics and remediation progress by severity, assignment group, configuration item, and vulnerability, assisting with monthly SLA compliance reviews.

    Practical Considerations

    • By default, agentic workflows and AI agent records are read-only. To customize a workflow, you must duplicate it first.
    • Agentic workflows are activated by default in the Now Assist for Vulnerability Response AI agents; you can configure triggers to invoke these workflows automatically as needed.
    • Some AI agents installed with Now Assist may not be used in agentic workflows but are available for use; users can find and manage all AI agents accessible to them.

    Benefits for ServiceNow Customers

    Using agentic workflows allows customers to automate complex vulnerability management tasks, gain actionable insights quickly through AI-driven analysis, and improve remediation compliance. This enhances security posture by enabling more effective exposure assessment, mitigation, and monitoring within the ServiceNow Vulnerability Response environment.

    Use AI agents to complete your tasks autonomously.

    Note:
    Depending on your license, you will have access to certain application features, generative AI skills, agentic workflows, and AI agents. For more information, see ServiceNow product tiers.
    Table 1. Available agentic workflows for AI agents for Vulnerability Response
    Agentic workflow name Description Available AI agents Supported workspaces
    Security Exposure 360 Evaluate vulnerability exposure data with Security Exposure 360.

    Vulnerability analysts and remediation owners can enter questions in plain language and receive comprehensive answers about all types of findings that include host, container, and test results vulnerabilities.

    		 Data Analysis AI Agent Legacy and Unified Security Exposure Management (USEM)
    Guardrails detector agentic workflow Manage potential AI exposures

    Use the AI agent to ask about the guardrails that were identified by the AI skill component in the AI Guardrails Helper, automatically defer findings with existing mitigations in the form of guardrails, or create exception rules to auto-defer future findings.

    		 Guardrails detector agentic workflow Unified Security Exposure Management (USEM)
    Assess vulnerability exposure Assess your vulnerability exposure
    • Determine if your configuration items (CIs) and business services are exposed to known vulnerabilities.
    • Determine the potential impact that a specific vulnerability might have throughout your environment.
    • Check CIs for any new Cybersecurity and Infrastructure Security Agency (CISA) exploitable (zero-day) vulnerabilities.
    • Create watch topics in the Vulnerability Manager workspace to remediate vulnerable items.
    • CISA vulnerability analysis AI agent
    • Vulnerability exposure analysis AI agent
    • Watch topic creation AI agent
    		 Legacy and Unified Security Exposure Management (USEM)
    Retrieve vulnerability and exposure data Retrieve Vulnerability and exposure data with generative AI.

    Ask questions in natural language to help you quickly retrieve vulnerability and exposure data across legacy sources and Unified Security Exposure Management (USEM).

    		 Retrieve VR data agent Legacy and Unified Security Exposure Management (USEM)
    Analyze vulnerability remediation status Analyze vulnerability remediation status
    • Gain insights into your compliance metrics and statistics for how well you're meeting remediation target dates on vulnerable item (VIT) records.
    • View your monthly VIT record remediation totals and identify missed targets.
    • Break down remediation data on VITs by Severity, Assignment group, Configuration item, and Vulnerability for your monthly Service Level Agreement (SLA) compliance reviews.
    		 Remediation compliance analysis AI Agent Legacy and Unified Security Exposure Management (USEM)
    Important:
    By default, all agentic workflows and AI agent records are read-only.
    To modify an agentic workflow, you must first duplicate the agentic workflow, and then proceed with the following steps:
    • Activate the agentic workflow. The Now Assist for Vulnerability Response AI agents included with the application are activated by default.
    • If required, you can add a trigger to invoke the agentic workflow automatically.
    • See Configure an agentic workflow for more information.

    There might be AI agents installed with the Now Assist application that are not used in agentic workflows. To learn how to see all agents that are available to you, see Find AI agents.