Security & privacy tab in AI Control Tower

  • Release version: Zurich
  • Updated July 31, 2025

    Review AI asset security metrics such as access issues, dormant and privileged AI agents, and map the relationships of your agents, agentic workflows, and tools.

    The Security & privacy tab of AI Control Tower offers a dashboard-based overview of your AI asset security metrics. The dashboard contains several visualizations detailing AI asset security metrics. In addition to tracking metrics, the Security & privacy tab contains the access map, a tool that gives a node-graph visualization of the relationships between your ServiceNow agents, agentic workflows, and tools. You can use the map to investigate the relationships between your AI agents and workflows further.

    Note:
    You can drill down into the data on each widget by selecting the chart.
    AI Control Tower dashboard.

    ServiceNow AI Insights

    ServiceNow AI Insights require that the Now Assist AICT security posture summarizer skill is enabled. For more details, see Activate a Now Assist skill.

    AI Control Tower AI insights summarize positives and potential issues to remediate to improve the overall security posture of your instance.
    • Positives: Enabled settings and features that help improve your security posture.
    • Areas for Attention: Low- to medium-risk items to resolve.
    • High Impact Observations: High-risk items to resolve.
    • Actions: Suggested action items to address items listed in Areas for Attention and High Impact Observations.

    Access map

    The Access map displays a node map detailing the relationships of your ServiceNow® agents, agentic workflows, and tools. You can use the map to review these relationships, configure agent details, and resolve access issues. The map includes filters for both agents and agentic workflows. You can open the access map by either navigating to All > AI Security and Privacy > Access Map, or selecting the link in the dashboard.
    AI Control Tower access map.

    If a warning icon appears on any agent, that agent may have access issues. Select the warning icon to see details such as the workflow, agent, and tool associated with the access issue.

    In Access issues, the User ID is the ID of the user who ran the agent.
    AI Control Tower access map with access issues shown.

    AI Asset Security Score

    The AI asset security score is a measure of the health of your AI assets in terms of access issues, privileged AI agents, and dormant AI systems.
    ServiceNow AI asset security score.

    AI assets impacting your score
    To see more information about your score, select See details in the Security & privacy tab. A list view shows the AI assets that are included in your AI asset security score calculation. Your score is the average of all AI assets listed. Users should actively manage and review their agent assets and not rely solely on this AI asset security score.
    You can exclude an asset from your score by selecting a row and selecting Mute. For example, you can mute an AI asset if you determine that remediating the asset’s issue would be a risky change.
    Table 1. AI assets impacting your score
    Column        Description
    AI system     Name of the AI asset.
    Category      Type of issue, such as dormant AI system, privileged AI agent, or access issue.
    Provider      Whether the asset is provided by ServiceNow or is external.
    Score impact  The percentage impact to your AI asset security score.
    Date          Date the issue occurred.
    AI Task       The AI asset security task to remediate the issue, if applicable.

    Access

    Access issues

    The Access issues chart displays the proportion of AI agents that may be experiencing access-related issues and lists the top AI systems with access issues. AI agents with access issues may be unable to complete their workflows due to the access issue. Hover over a portion of the chart to see the exact proportion and count of agents.

    Donut chart detailing the AI agent access issues.

    You can create AI asset security tasks directly from the list view by selecting Create AI task. See all active AI asset security tasks in AI assets in the AI Task section. Access to this section requires the sn_vsc.task_manager role.

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    Privileged AI Agents

    The area chart shows AI agents with elevated permissions, such as an agent with admin or security admin permissions, that can perform critical actions. Some workflows require that AI agents have elevated permissions. Hover over a portion of the chart to see the exact number of privileged agents for a particular day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider drop-down list. You must have an AWS account configured for your instance and the Now Assist AiSP AWS IAM privileged policy checker skill enabled. For more information, see AI connections setup and Activate a Now Assist skill.


    Area chart detailing the privileged AI agents.

    You can create AI asset security tasks directly from the list view by selecting Create AI task. See all active AI asset security tasks in AI assets in the AI Task section. (Role required: sn_vsc.task_manager.)

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    Dormant AI systems

    The area chart shows AI agents that have not been active for over 90 days. Review dormant AI agent permissions to reduce security risk. Hover over a portion of the chart to see the exact number of dormant AI systems for a particular day.

    To show AWS agent metrics, filter the metrics by selecting AWS Bedrock in the provider drop-down list. You must have an AWS account configured for your instance. For more information, see AI connections setup.


    Area chart detailing dormant AI systems.

    When an AI agent becomes dormant, an AI asset security task is created automatically to streamline your workflow and quickly resolve issues. The AI asset security task is assigned to the agent’s owner. See all active AI asset security tasks in AI assets in the AI Task section.

    Resolved AI asset security tasks that are over 180 days old are archived. Archival days can be configured in system properties.

    ServiceNow instance access to MCP servers

    MCP server access metrics include MCP client-server interactions routed through this instance's AI Gateway. Interactions that bypass the AI Gateway or are routed through another instance's AI Gateway aren't included.

    Clients connecting to MCP servers
    The Clients connecting to MCP servers chart shows the top 10 clients (ServiceNow AI agents or registered third-party MCP clients) connecting to MCP servers through this instance's AI Gateway. MCP server access metrics are captured for client-server interactions routed through the AI Gateway.
    Authorized access attempts to MCP servers
    The Authorized access attempts to MCP servers chart shows successful access attempts from MCP clients to MCP servers through this instance's AI Gateway. Clients include ServiceNow AI agents and registered third-party MCP clients.
    Failed access attempts to MCP servers
    The Failed access attempts to MCP servers chart shows unsuccessful access attempts from MCP clients to MCP servers through this instance's AI Gateway. Clients include ServiceNow AI agents and registered third-party MCP clients.

    Guardrails

    Prompt injection
    These charts show prompt injection data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more information, see Now Assist Guardian analytics.
    Offensive content
    These charts show offensive content data provided by Now Assist Guardian. To see data, enable Now Assist Guardian for your instance. For more information, see Now Assist Guardian analytics.
    Sensitive data

    The Sensitive data detected chart shows sensitive data that was identified in user responses to Now Assist prompts. Exposure of sensitive data is limited to the large language model (LLM) in your instance.

    The Sensitive data anonymized chart shows prompt data that met configured data patterns. This data was anonymized based on the configuration for the pattern in Configuration Data Patterns in Data Privacy. For more information, see Create anonymization policies.

    Data integrity incident detection
    The Data integrity incident detection chart is designed to help show potential violations of certain LLM guardrail policies. We analyze the AI agent's output from each of its tasks deterministically to detect potential violations. You can choose to include or omit these policies. For more information about how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Agent goal deviation
    The Agent goal deviation chart is designed to help identify when AI agents may have deviated from their intended role or objective during execution. Deviations include but aren’t limited to unauthorized actions or prompt injection attempts. The data is collected by analyzing agent execution history and then evaluated by AI. You can choose the data models to include or omit. Due to the probabilistic nature of the analysis by data model, not all occurrences may be identified. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    AI agent output with PII detected
    The AI agent output with PII detected chart shows when agents' AI task output potentially contains personally identifiable information (PII). The data is collected by analyzing LLM output for PII sensitive data patterns specified in Data Privacy and additional PII patterns, for example, U.S. phone number, credit card number, or Social Security number. You can choose to include or omit potential PII patterns to detect. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Agentic output injection detection
    The Agentic output injection detection chart shows when agents' LLM output potentially contains known security-vulnerable patterns. These patterns are Eval-Function-Audit, Html-Tag-injection, Non-printable-class, Script-Tag-injection, SQL-query-injection, and Terminal-RCE from the sn_data_discovery_data_pattern table in the AI Security and Privacy application. We analyze the AI agent's output from each of its tasks deterministically, based on the patterns listed, to find potential security vulnerabilities. For example, HTML tags that have scripts associated with them could result in cross-site scripting (XSS) attacks, and stacked SQL queries could result in SQL injection attacks. You can choose to include or omit potential patterns to detect. For information on how to configure data for this chart, see Data sharing, Data overflow processing, and Security & privacy in AI Control Tower.
    Note:
    These security-vulnerable patterns are ever-evolving, so not all patterns may be identified.
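
    The deterministic, pattern-based scan described under Agentic output injection detection, as an added example that is not ServiceNow's code. The six pattern names are from this page; the regular expressions, the scanAgentOutput and visible helpers, the omit parameter, and the sample strings are assumptions constructed for illustration.

```javascript
// Added example. Pattern names are from the page; every regex is an
// illustrative assumption, not the sn_data_discovery_data_pattern contents.
const PATTERNS = [
  { name: 'Eval-Function-Audit', re: /\b(?:eval|Function)\s*\(/ },
  // Tag carrying an inline event-handler attribute (script attached to HTML).
  { name: 'Html-Tag-injection', re: /<[a-z][^>]*\son\w+\s*=/i },
  // Control, zero-width and bidi-override characters (tab, LF, CR allowed).
  { name: 'Non-printable-class',
    re: /[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F\u200B-\u200F\u202A-\u202E]/ },
  { name: 'Script-Tag-injection', re: /<\s*script\b/i },
  // Stacked query: a statement terminator followed by a write/DDL verb.
  { name: 'SQL-query-injection',
    re: /;\s*(?:drop|delete|insert|update|alter|truncate)\b/i },
  // Shell chaining or substitution that hands off to an interpreter or fetcher.
  { name: 'Terminal-RCE', re: /(?:\||;|&&|\$\()\s*(?:sh|bash|curl|wget|nc)\b/i },
];

// Escape everything outside printable ASCII so a finding is safe to log.
const visible = (s) => s.replace(/[^\x20-\x7E]/g,
  (c) => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));

// Scan one agent output; `omit` lists pattern names excluded from detection.
function scanAgentOutput(text, omit = []) {
  const skipped = new Set(omit);
  const findings = [];
  for (const { name, re } of PATTERNS) {
    if (skipped.has(name)) continue;
    const m = re.exec(text);
    if (!m) continue;
    const start = Math.max(0, m.index - 10);
    const excerpt = visible(text.slice(start, m.index + m[0].length + 10));
    findings.push({ pattern: name, index: m.index, excerpt });
  }
  return findings;
}

// Constructed sample outputs (not real agent data).
const SAMPLES = [
  'The incident was resolved by restarting the service.',
  'Summary: <img src="logo.png" onerror="notify()"> attached.',
  'Run: SELECT name FROM users WHERE id = 1; DROP TABLE users',
  'Ticket note\u202E with hidden direction override',
  'Use <script src="//cdn.example/app.js"></script> in the page',
  'Clean up with: cat install.txt | bash',
  'Compute it with eval(userExpression)',
];

for (const s of SAMPLES) {
  console.log(scanAgentOutput(s).map((f) => `${f.pattern}@${f.index} ${f.excerpt}`));
}
```

    Because the match is purely pattern-based, output that is harmless in context (such as documentation that quotes a script tag) is still flagged, and the omit list is the only tuning available in this example.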