Security Posture Control release notes

  • Release version: Yokohama
  • Updated January 14, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Security Posture Control release notes

    The ServiceNow® Security Posture Control application helps cybersecurity teams gain visibility into gaps in security tool coverage and deviations in security tool configurations across enterprise assets. The Yokohama release enhances this application with new capabilities to improve monitoring, integration, and automation, enabling teams to better secure their environments.

    Show full answer Show less

    Key Features

    • Custom API Connectors with Generative AI: The Connector builder module in the Security Posture Control workspace now allows you to create and publish custom API connectors tailored to your environment. Developers can leverage generative AI via the Now Assist skill (available with the Now Assist for Vulnerability Response application, Yokohama Patch 11 required) to automate steps like selecting API templates, populating request/header parameters, and mapping response fields. This accelerates integration with security tools and import of asset data.
    • Enhanced Policies and Asset Profiles: New policies and asset profiles included with the application help you monitor your overall security posture. You can activate these in the workspace to identify configuration gaps or missing security tool coverage for key tools such as CrowdStrike, Microsoft Intune, Defender, SCCM, HCL BigFix, SentinelOne, Qualys, and Rapid7.
    • SentinelOne Integration: Import mitigation controls data from SentinelOne to detect which controls are active on your assets. Combined with SentinelOne asset and software data imported via the Service Graph Connector, this enables comprehensive monitoring of security tool coverage.
    • Service Graph Connector for Netskope: This connector imports hardware and software asset inventory from Netskope into the ServiceNow Configuration Management Database (CMDB), enhancing asset visibility.

    Activation and Upgrade

    Security Posture Control is available via the ServiceNow Store. To deploy or upgrade to the Yokohama release, ensure you install all required dependent applications and components as detailed in the installation documentation. The Now Assist generative AI features require the Now Assist for Vulnerability Response application with Yokohama Patch 11.

    The ServiceNow® Security Posture Control application provides cybersecurity teams with visibility into security tool coverage gaps and deviations from security tool configuration for their enterprise assets. Security Posture Control was enhanced and updated in the Yokohama release.

    Security Posture Control highlights for the Yokohama release

    • Create and publish your own API connectors with a step-by-step process in the Connector builder module in the Security Posture Control workspace. You can use generative AI to automate some steps. See the Now Assist for Security Incident Response release notes for more information about the Now Assist skill.
    • Get insights into your overall security posture and configuration gaps in your security tools using new policies and asset profiles that are included with the Security Posture Control application.
    • Use the policies included with the application or custom policies that you create to monitor your assets for overall security tool coverage, compliance with internal configuration standards, critical combinations of security gaps and vulnerabilities, and possible internet exposure.

    See Security Posture Control for more information.

    Important:
    Security Posture Control is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    Important information for upgrading Security Posture Control to Yokohama

    For a complete list of the applications that are required to implement Security Posture Control, see Install Security Posture Control.

    New in the Yokohama release

    Create a custom API service graph connector in the Security Posture Control workspace
    Use generative AI to help your developers create SPC API connectors quickly with the Connector builder framework module in the Security Posture Control workspace. With a Now Assist skill that is included with the Now Assist for Vulnerability Response application, your developers have the option to automate steps in the Connector builder framework.
    • You have the option to automate the steps for selecting API templates, populating request and header parameters, and response field mapping with generative AI.
      Note:
      You must install Yokohama Patch 11 of the Now Assist for Vulnerability Response application to have access to the generative AI skill for the Connector builder framework. See the Now Assist for Security Incident Response release notes and Supporting information for Now Assist for Vulnerability Response for more information.
    • Use your custom API connector to integrate with security tools and import asset data that is based on the unique requirements of your environment.
    • Help your cybersecurity teams monitor your overall security posture and identify assets that are missing key security tools with the API connectors that you build.
    Enhancements to policies and asset profiles included with the Security Posture Control application
    Get insights into your overall security posture and configuration gaps in your security tools using new policies and asset profiles that are included with the Security Posture Control application. Activate these asset profiles and policies in the Security Posture Control workspace so that you can identify gaps in configuration or coverage for the following tools:
    • CrowdStrike
    • Microsoft Intune, Defender, and SCCM
    • HCL Big Fix
    • SentinelOne
    • Qualys
    • Rapid7
    SentinelOne integration for mitigation controls monitoring
    You can import SentinelOne mitigation controls data with this integration to help you detect which mitigation controls are on your assets. Use this integration with the asset and software data that you import with the SentinelOne Service Graph Connector to help you monitor your security tool coverage on your enterprise assets.
    Service Graph Connector for Netskope
    This product pulls in asset inventory data for hardware and software from the Netskope database into the ServiceNow Configuration Management Database (CMDB) application.

    Activation information

    Install Security Posture Control by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.