Security Posture Control release notes

  • Release version: Zurich
  • Updated January 28, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Security Posture Control Release Notes - Zurich

    The ServiceNow® Security Posture Control (SPC) application helps cybersecurity teams gain visibility into gaps in security tool coverage and deviations from security tool configurations across enterprise assets. The Zurich release introduces significant enhancements, including new capabilities for creating custom API connectors, updated policies and asset profiles, and user interface improvements, all aimed at improving security posture monitoring and management.

    Show full answer Show less

    Key Features

    • Custom API Connectors with Generative AI Assistance: Developers can now create and publish custom API connectors through the Connector builder module within the SPC workspace. Generative AI, available via a Now Assist skill (part of the Now Assist for Vulnerability Response application, Zurich Patch 4 required), automates tasks such as selecting API templates, configuring parameters, and mapping response fields. This facilitates tailored integration with security tools to import asset data specific to your environment.
    • Enhanced Policies and Asset Profiles: New out-of-the-box policies and asset profiles enable monitoring of overall security posture, configuration gaps, tool coverage compliance, vulnerability risks, and potential internet exposure. Supported tools include CrowdStrike, Microsoft Intune, Defender, SCCM, HCL BigFix, SentinelOne, Qualys, and Rapid7. These can be activated in the SPC workspace to identify and remediate security gaps effectively.
    • Data Integration Requirements: SPC relies on service graph connector data populated in the CMDB 360 Data [cmdbmultisourcedata] table. To ensure data availability, the system property glide.identificationengine.multisourceenabled must be set to true by users with the cmdbmsadmin role.
    • UI Improvements: The mitigation control details interface now uses clearer labels, replacing abbreviations (e.g., “EDR” updated to “Endpoint Protection”) to improve usability. The new Coral theme is the default for portal, web, and mobile experiences with Next Experience or Core UI enabled, featuring brand-neutral illustrations and an optional dark theme to reduce eye strain and enhance readability.

    Activation and Upgrade Information

    • Security Posture Control is available for installation via the ServiceNow Store. Customers must request the required applications and ensure dependencies are met as detailed in the installation documentation.
    • Upgrading to Zurich requires verifying that all prerequisite applications are installed and configuring the necessary system properties for data integration.

    Practical Benefits for ServiceNow Customers

    • Gain comprehensive visibility into security tool coverage and configuration compliance across your assets.
    • Leverage AI assistance to accelerate the integration of custom security tools through API connectors tailored to your environment.
    • Utilize enhanced policies and asset profiles to proactively identify and address security posture gaps and vulnerabilities.
    • Benefit from a modernized user interface and theming options that improve the user experience and accessibility.

    The ServiceNow® Security Posture Control application provides cybersecurity teams with visibility into security tool coverage gaps and deviations from security tool configuration for their enterprise assets. Security Posture Control was enhanced and updated in the Zurich release.

    Security Posture Control highlights for the Zurich release

    • Create and publish your own API connectors with a step-by-step process in the Connector builder module in the Security Posture Control workspace. You can use generative AI to automate some steps. See the Now Assist for Security Incident Response (SIR) release notes for more information about the Now Assist skill.
    • Get insights into your overall security posture and configuration gaps in your security tools using new policies and asset profiles that are included with the Security Posture Control application.
    • Use the policies included with the application or custom policies that you create to monitor your assets for overall security tool coverage, compliance with internal configuration standards, critical combinations of security gaps and vulnerabilities, and possible internet exposure.

    See Security Posture Control for more information.

    Important:
    Security Posture Control is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    Important information for upgrading Security Posture Control to Zurich

    For a complete list of the applications that are required to implement Security Posture Control, see Install Security Posture Control.

    New in the Zurich release

    Create a custom API service graph connector in the Security Posture Control workspace
    Use generative AI to help your developers create SPC API connectors quickly with the Connector builder framework module in the Security Posture Control workspace. With a Now Assist skill that is included with the Now Assist for Vulnerability Response application, your developers have the option to automate steps in the Connector builder framework.
    • You have the option to automate the steps for selecting API templates, populating request and header parameters, and response field mapping with generative AI.
      Note:
      You must install Zurich Patch 4 of the Now Assist for Vulnerability Response application to have access to the generative AI skill for the Connector builder framework. See the Now Assist for Security Incident Response (SIR) release notes and Supporting information for Unified Security Exposure Management AI skills and agents for more information.
    • Use your custom API connector to integrate with security tools and import asset data that is based on the unique requirements of your environment.
    • Help your cybersecurity teams monitor your overall security posture and identify assets that are missing key security tools with the API connectors that you build.
    Enhancements to policies and asset profiles included with the Security Posture Control application
    Get insights into your overall security posture and configuration gaps in your security tools using new policies and asset profiles that are included with the Security Posture Control application. Activate these asset profiles and policies in the Security Posture Control workspace so that you can identify gaps in configuration or coverage for the following tools:
    • CrowdStrike
    • Microsoft Intune, Defender, and SCCM
    • HCL Big Fix
    • SentinelOne
    • Qualys
    • Rapid7

    Changed in this release

    • Security Posture Control relies on data from service graph connectors that is populated in the CMDB 360 Data [cmdb_multisource_data] table. This data is populated only when the glide.identification_engine.multisource_enabled system property is set to true. You must have the cmdb_ms_admin role to modify property values. To set the property, navigate to All > Configuration > CMDB 360 Properties.
    • The labels on the form view for the mitigation control details record associated with vulnerable item records (VITs) have been enhanced for more clarity. These updates make the interface more user-friendly by expanding abbreviations on the form view, such as changing "EDR" to "Endpoint Protection."

    UI changes

    Coral theme
    Coral is now the default theme for new portal, web, and mobile experiences with Next Experience or Core UI enabled. This theme provides a fresh look and feel, featuring brand-neutral illustrations to enhance your user experience. A dark theme option is available for web and mobile experiences.

    Activation information

    Install Security Posture Control by requesting the required applications from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Accessibility information

    Dark theme
    The new Coral theme includes a dark theme option for web and mobile experiences. This option is commonly used to alleviate eye strain and improve readability.