Supporting information for Unified Security Exposure Management AI skills and agents

  • Release version: Australia
  • Updated June 2, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Supporting information for Unified Security Exposure Management AI skills and agents

    The Unified Security Exposure Management (USEM) application leverages Now Assist generative AI skills and agents to enhance vulnerability and security exposure management within ServiceNow. This release supports multiple integrated applications and user interfaces designed to provide quick, natural language access to vulnerability data, compliance insights, remediation guidance, and security posture monitoring.

    Show full answer Show less

    Supported Versions and Required Applications

    USEM requires specific ServiceNow applications and versions to function effectively:

    • Now Assist for Vulnerability Response 5.0.0
    • Now Assist for Platform [sngenaiplatform] 11.2.3
    • Vulnerability Response Integration with CISA [snvulcisa] 1.5.1
    • Vulnerability Response [snvul] and its USEM-specific variant 30.4.4
    • Vulnerability Response licensing and usage [snvullicensing] 2.7.1
    • Vulnerability Response Common Workspace [snvulcmnws] 1.10.0
    • Vulnerability Response Integration Framework [snvulintfw] 1.5.0
    • AI Security Exposure Management (snsecai) 2.0.1
    • Vulnerability Solution Management [snvulsolution] 10.4.3
    • Security Posture Control API Connectors [snspccxf] 2.1.1
    • Mitigation Controls Monitoring [snsecmitctrl] 4.2.2
    • Security Posture Control [snsecspccore] 7.1.1

    Note that Vulnerability Response is included as part of the Vulnerability Response application.

    Supported User Interfaces and Key Features

    Now Assist for Vulnerability Response offers generative AI skills across several key interfaces tailored for vulnerability and security management:

    • Vulnerability Manager Workspace: Enables users to ask natural language questions to retrieve vulnerability and exposure data across hosts, containers, and test results. Key AI features include:
      • Deduplication of host vulnerable items (VITs)
      • Remediation assistance with potential and preferred third-party solutions
      • Assessment of configuration items (CIs) and business services exposure
      • Monitoring for new known exploitable vulnerabilities from CISA
      • Insights into compliance metrics and remediation SLA performance
    • Security Exposure Management (SEM) Workspace: Supports natural language queries to access vulnerability and exposure data. It also provides:
      • AI-generated insights and recommendations for Approval Impact Analysis
      • On-demand approval recommendations within Exception Change Approval records
    • Security Posture Control Workspace: Includes a Setup Connector skill that guides developers to create custom API connectors for importing security data from third-party products. This accelerates API template selection, request/header parameter configuration, and response mapping.

    Expected Benefits for ServiceNow Customers

    • Faster and more intuitive access to comprehensive vulnerability and exposure information through natural language queries
    • Improved remediation efficiency via AI-driven solution recommendations and third-party vendor insights
    • Enhanced security posture monitoring with custom API connectors integrating external security data
    • Better compliance tracking and SLA management to meet organizational security goals
    • Streamlined approval workflows supported by AI-generated recommendations within the SEM workspace

    Get a quick overview of the important information that is related to the USEM application.

    Supported versions and required applications

    The following applications are required:

    Application Version
    Now Assist for Vulnerability Response 5.0.0
    Now Assist for platform [sn_genai_platform] 11.2.3
    Vulnerability Response Integration with CISA [sn_vul_cisa] 1.5.1
    Vulnerability Response [sn_vul] non USEM.
    Note:
    Application Vulnerability Response is included as a part of Vulnerability Response.
    		 26.5.3
    Vulnerability Response for USEM and Security Exposure Management workspace.
    Note:
    Application Vulnerability Response is included as a part of Vulnerability Response.
    		 30.4.4
    Vulnerability Response licensing and usage [sn_vul_licensing] (installed with [sn_vul]) 2.7.1
    Vulnerability Response Common Workspace [sn_vul_cmn_ws] (installed with [sn_vul]) 1.10.0
    Vulnerability Response Integration Framework [sn_vul_int_fw] 1.5.0
    AI Security Exposure Management (sn_sec_ai). 2.0.1
    Vulnerability Solution Management [sn_vul_solution] 10.4.3
    Security Posture Control API Connectors [sn_spc_cxf] for the API Connector skill. 2.1.1

    Mitigation Controls Monitoring [sn_sec_mit_ctrl] for the API Connector skill.

    		 4.2.2
    Security Posture Control [sn_sec_spc_core] for the API Connector skill. 7.1.1

    Supported user interfaces

    Now Assist for Vulnerability Response includes the generative AI skills listed in the following table.

    Table 1. Now Assist for Vulnerability Response supported interfaces
    Interface Features
    Vulnerability Manager Workspace Ask questions in natural language to help you quickly retrieve vulnerability and exposure data for all types of findings that include host, container, and test results vulnerabilities with Security Exposure 360.

    Now Assist skills:

    • Deduplication of host vulnerable items (VITs).
    • Remediation assistance that includes providing potential, preferred solutions from third-party vendors.

    AI agents:

    Vulnerability managers and analysts can assess if your configuration items (CIs) and your business services are exposed to vulnerabilities. Check for any new Cybersecurity and Infrastructure Security Agency (CISA) known exploitable vulnerabilities and assess their potential impact on your environment.

    Vulnerability managers and analysts can gain insights into your compliance metrics to understand how effectively your organization is meeting remediation goals for vulnerabilities based on Service Level Agreements (SLAs).
    Security Exposure Management (SEM) workspace Ask questions in natural language to help you quickly retrieve vulnerability and exposure data for all types of findings that include host, container, and test results vulnerabilities with Security Exposure 360.

    Generate insights and Generate recommendation for Approval Impact Analysis skills.

    Use generative AI to provide insights based on contextual summaries, actionable recommendations, and quick links in the Security Exposure Management (SEM) workspace.

    Use generative AI to provide on-demand approval recommendations directly from the Exception Change Approval record in the Security Exposure Management (SEM) workspace.
    Security Posture Control Workspace Now Assist SPC Setup Connector skill:

    Get guidance for how to create your own API connectors for the Security Posture Control workspace based on common third-party security products.

    Developers can accelerate the process of selecting API templates and populating request and header parameters and response field mapping. Your cybersecurity teams can use these custom API connectors to import the security data that helps them monitor your security posture.
    UI6 Links in the responses in theNow Assist panel open new tabs in your browser.