The Now Assist panel is displayed. If you don't see the Now Assist icon in the header on the page, you must activate the Now Assist panel. For more information, see Activate the Now Assist panel standard chat.

The Assess vulnerability exposure agentic workflow is on-demand. You can enter any query in natural language, but you might consider using the prompts described in the following table and steps to start with to become familiar with the vulnerability data that is available and what you can do with it. The following steps show you how to request current vulnerability data, create a watch topic based on the returned results, and determine the overall impact a vulnerability might have on your environment.

Your request or response	Description
What are the recent CISA vulnerabilities?	Recent in your question refers to new vulnerabilities that have surfaced during the last seven days. Seven days (one week) is the default time period for the agentic workflow. If you want to search for new vulnerabilities for a specific time period other than seven days, type in a request with a value that occurs in the past such as, What are the recent vulnerabilities for the past 30 days?
Yes, create a watch topic for the vulnerability CVE-2018-9065.	When asked if you want to create a watch topic, you might prefer to be specific in your response. For example,confirm the request and type in a specific vulnerability in the format: CVE-2018-9065.
Can you give me a detailed impact analysis for the CVE-2018-9065 vulnerability?	Potential impact analysis of vulnerabilities is supported only for affected business services and configuration item classes.
Show output for the previous question.	Request the agent to review your previous question if it doesn't give you an answer.
End the session, or Stop.	End the conversation.

Your conversation is saved until you start a new chat. If the conversation ends unexpectedly, start a new chat. To start a new chat, select the New chat icon ().

Because your entry doesn’t specify a range, the agent by default gathers Cybersecurity and Infrastructure Security Agency (CISA) exploitable vulnerability data about your assets and returns information from the last seven days.

The Common Vulnerabilities and Exposures (CVE) vulnerabilities that impact your assets and have vulnerable items associated with them in your environment are listed.

You might see that the agent also returns aliases that match CVEs. Aliases are reported if you’re using third-party scanners to import your vulnerability data. For example, CVE-2018-8627 (alias: TEN-119686, TEN-119596) with severity Medium has 4 vulnerable items (VITs). This response indicates that the vulnerability was discovered and imported by the Tenable (TEN) scanner product.

The list opens in a new tab in UI16.

The agent proposes a name for your watch topic and asks for confirmation. You can change the name.

The list opens in a new tab in UI16. After reviewing the data, you might decide you want more information about the impact the CVE has on your other assets.

This request returns information about your configuration items and business services that are affected by this CVE. It provides a criticality breakdown, a list of business services that are impacted, and a list of the classes of affected configuration items. There is also a link for more detailed information.

Information about the business service includes associated vulnerable items, criticality (risk) and the configuration items by class are listed.