Viewing AI Exposures

  • Release version: Zurich
  • Updated June 4, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Viewing AI Exposures

    The AI Security Exposure Management dashboard within the AI Exposures module provides ServiceNow customers with a centralized view of their AI attack surface. It consolidates various AI-related security findings into three key categories: AI vulnerabilities, AI validation findings, and AI posture findings. This visibility helps customers manage AI security risks effectively by offering insights into open findings, remediation status, and compliance with policies.

    Show full answer Show less

    Access to this module requires specific roles such as vulnerability admin, vulnerability analyst, and remediation owner for both general vulnerabilities and AI-specific vulnerabilities.

    Key Features

    • Dashboard Navigation: Accessible via Workspaces > Security Exposure Management > AI Exposures, the dashboard aggregates data daily through a scheduled job, with an option to refresh on-demand for real-time updates.
    • Overview Section: Displays total counts of findings and remediation statuses—Open, Unassigned, Approaching Target, and Overdue—across all AI exposure categories.
    • AI Vulnerabilities Tab: Focuses on vulnerabilities found in open source AI models, including metrics such as number of open vulnerabilities, models scanned, and detailed findings filtered by risk rating, categories, MITRE ATLAS techniques, and status.
    • AI Validation Findings Tab: Presents results from third-party automated penetration testing and red teaming against AI models, offering metrics like open and mitigated findings, active guardrails, and number of attacks, along with detailed findings categorized by risk, threat type, attack technique, and impacted models.
    • AI Posture Findings Tab: Highlights configuration-related vulnerabilities to ensure AI assets comply with organizational policies. Metrics include open findings, affected agents, tools, system prompts, and MCP servers, with findings categorized by risk, platforms, posture rules, critical agents, MITRE ATLAS techniques, and OWASP LLM categories.
    • Interactive Widgets: Each section provides clickable cards or widgets that drill down into detailed lists of records for focused investigation and remediation.
    • AI Inventory Breakdown: Displays counts of different AI assets with reported findings to understand asset exposure comprehensively.

    Data and Tables

    The dashboard imports and aggregates AI security data daily into various tables supporting each category:

    • AI Model Scans and Vulnerabilities: Includes AI Scan Summaries, Scan Findings, Discovered AI Assets, Vulnerability Entries, and Model Files tables.
    • AI Model Validations: Uses AI Validation Findings, Validation Threats, and Threat Signatures tables.
    • AI Posture Findings: Stored in AI Posture Finding, Posture Rule, and Finding Guardrail tables.

    Practical Value for ServiceNow Customers

    This module empowers ServiceNow customers to:

    • Centralize visibility of AI security exposures across vulnerabilities, validations, and posture compliance.
    • Prioritize remediation efforts based on risk ratings, attack techniques, and exposure status.
    • Leverage automated data aggregation with on-demand refresh for timely and accurate reporting.
    • Ensure AI models and assets adhere to security policies and controls, reducing risk from misconfigurations or vulnerabilities.

    Overall, the AI Exposures dashboard facilitates proactive management and mitigation of AI security risks within the ServiceNow Security Exposure Management workspace.

    Access the entire attack surface across various types of findings on the AI Security Exposure Management dashboard on the AI Exposures module. See AI exposures as a dedicated module of the Security Exposure Management workspace.

    AI Exposures overview

    See Exploring AI Security Exposure Management for an overview and more information about the application.

    Roles required.
    • sn_vul.vulnerability_admin
    • sn_vul.vulnerability_analyst
    • sn_vul.remediation_owner
    • sn_sec_ai.vulnerability_admin
    • sn_sec_ai.vulnerability_analyst
    • sn_sec_ai.remediation_owner
    There are three categories of AI exposures that are displayed on the dashboard.
    • AI vulnerabilities
    • AI validation findings
    • AI posture findings

    Navigate to Workspaces > Security Exposure Management > AI Exposures.

    The totals displayed on the dashboard are aggregated (totaled) by a scheduled job that by default runs daily. When you open dashboard, these aggregated results from the scheduled <name> job are displayed. To see data on-demand, select Refresh. This activates the background job and the page refreshes with the aggregated result when the job completes.

    Select a tab to view visualizations for each category.

    Overview section

    The Overview section displays the total counts of finding remediation status for AI vulnerabilities, AI validation findings, and AI posture findings of AI exposures for Open findings, Unassigned, Approaching Target, and Overdue.

    Select a tab to filter your lists by category and select a tile to open the filtered lists.

    AI vulnerabilities tab

    This is data about vulnerabilities that are discovered in open source AI models that are published in repositories.

    Scan metrics section

    Select a card (widget) to open a list of records.

    • Open vulnerabilities
    • Models scanned
    • Model files scanned
    Findings

    Select a card (widget) to open a list of records.

    • By risk rating
    • By top 5 categories
    • By top 5 MITRE ATLAS techniques
    • By open vs closed state

    AI validation findings tab

    These findings are from third-party automated penetration testing or automated red teaming done to verify the behavior of some of these models by scanning them against their prompt libraries.

    Validation metrics section

    Select a card (widget) to open a list of records.

    • Open validation findings
    • Mitigated findings
    • Active guardrails
    • Models tested
    • Number of attacks
    Findings section

    Select a card (widget) to open a list of records for Model vulnerability findings.

    Select a card to open a list of records for model validation findings.

    • By risk rating
    • By top 5 threat categories
    • By top 5 attack techniques
    • By MITRE ATLAS techniques
    • By top 5 models

    AI posture findings tab

    These are findings for configuration-related vulnerabilities to help you verify that your AI assets are in compliance with your policies and controls.

    Posture metrics
    Select a card.
    • Open AI posture findings
    • Agents with findings
    • Tools with findings
    • System prompts with findings
    • MCP servers with findings
    Findings

    Select a card for AI posture findings.

    • By risk rating
    • By top 5 platforms
    • By top 5 AI posture rules
    • By top 5 critical agents by platform
    • By top 5 MITRE ATLAS techniques
    • By top 5 OWASP LLM categories

    Inventory

    AI models (total count) - A breakdown of AI inventory showing counts of different AI assets with findings reported.

    Tables storing imported data and used for the dashboard

    For scans of AI models, imported data is populated on the following tables and used for the dashboard. The data is aggregated, and the system currently runs daily aggregations.

    For model vulnerabilities, imported data is populated on the following tables and used for the dashboard.

    • AI Scan Summaries [sn_sec_ai_scan_summary]
    • AI Scan Findings [sn_sec_ai_scan_finding]
    • Discovered AI Assets [sn_sec_ai_src_ci]
    • AI Vulnerability Entries [sn_sec_ai_vul_entry]
    • Model Files [sn_sec_ai_file]

    For model validations, imported data is populated on the following tables and used for the dashboard.

    • AI Validation Findings [sn_sec_ai_validation_finding]
    • AI Validation Threat [sn_sec_ai_validation_threat]
    • AI Threat Signatures [sn_sec_ai_threat_signature]

    For AI posture findings, imported data is populated on the following tables and used for the dashboard.

    • AI Posture Finding [sn_sec_ai_posture_finding]
    • AI Posture Rule [sn_sec_ai_posture_rule]
    • Finding guardrail [sn_sec_ai_m2m_finding_guardrail]