Using generative AI skills

  • Release version: Zurich
  • Updated June 4, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using generative AI skills

    Generative AI skills integrated with Now Assist for Vulnerability Response empower vulnerability managers and analysts to efficiently resolve remediation tasks within their workflow. These AI-driven capabilities are accessible through both legacy and Unified Security Exposure Management (USEM) workspaces, with some features exclusive to USEM. To utilize the agentic workflows involving generative AI skills, an upgrade to Unified Security Exposure Management is required.

    Show full answer Show less

    In domain-separated environments, generative AI respects data boundaries by only accessing data within the user's domain, ensuring no co-mingling of information across instances. Additionally, generative AI services do not persist user prompts or responses, maintaining data security and privacy.

    Key Features

    • Security Exposure 360: Allows users to ask plain-language questions about various vulnerability findings, including hosts, containers, and test results, receiving comprehensive exposure data answers.
    • AI Guardrails Helper Skill and Agentic Workflow: Helps identify finding types and understand mapped guardrails to determine if findings are mitigated, deferred, or require remediation (USEM workspace only).
    • Generate Vulnerability Insights: Provides contextual summaries and actionable recommendations to improve vulnerability management and prioritization.
    • Exception and False Positive Approval Recommendations: Offers on-demand AI-driven recommendations to support approval workflows for exceptions and false positives.
    • API Connector Builder Assistance: Automatically populates steps in the API Connector builder using generative AI (requires additional application installations).
    • Duplicate Vulnerable Items Identification: Detects and groups duplicate vulnerable items from multiple scanners, helping to identify the primary item and close duplicates.
    • Suggest Vulnerability Solutions: Recommends the most appropriate preferred solutions for active host vulnerable items, leveraging Vulnerability Solution Management integrations (requires installation of the Vulnerability Solution Management application).
    • Approval Impact Analysis Recommendations: Streamlines approval processes for exceptions and false positives with AI-generated impact analysis suggestions.

    Practical Benefits for ServiceNow Customers

    • Enhanced efficiency in vulnerability remediation by integrating AI insights directly into workflows.
    • Improved decision-making with AI-generated contextual summaries and recommendations.
    • Maintained data security and privacy through domain separation and non-persistence of generative AI requests.
    • Support for complex tasks such as duplicate item identification and solution recommendation reduces manual effort.
    • Flexibility to leverage AI in approval processes and API connector creation, supporting diverse user roles including developers, analysts, and security administrators.

    Vulnerability managers and analysts can resolve remediation tasks from within their flow of work with the generative AI skills.

    To view and use the generative AI skills agentic workflows in the Unified Security Exposure Management you must upgrade to Unified Security Exposure Management. See Unified Security Exposure Management release notes for more information.

    Skills reuse

    By default, all skills exist in the global domain. When you use Now Assist in a domain-separated environment, users are only able to access data in their domain. For example, if a user uses the summarization skill, Now Assist only uses material that exists in the user's domain when generating that summary. Additionally, there is no co-mingling of data for domain-separated instances when using generative AI skills. The data resides only on the instance, and the shared services used for generative AI do not persist any requests (prompts) and responses. For more information, see Domain separation in the Now Assist Admin console. (Note that global domain is not the same as global scope. For more information, see Exploring Next Experience pickers.)

    Overview of Now Assist for Vulnerability Response skills

    With generative AI skills with Now Assist for Vulnerability Response, your vulnerability managers and analysts have the option to use generative AI skills to help them with the following tasks. Unless otherwise noted, these generative AI skills are supported by the legacy and Unified Security Exposure Management (USEM) workspaces.

    Generative AI skill Description Users
    Evaluate vulnerability exposure data with Security Exposure 360 Use generative AI to enter questions in plain language and receive comprehensive answers about all types of findings that include host, container, and test results vulnerabilities. Vulnerability managers and analysts
    Using the AI guardrails helper skill and agentic workflow
    Use an AI skill to help you identify finding types, understand the guardrails that might be already mapped to findings, and see why they were selected by the skill to map to specific findings. This information can help you determine which findings might be already mitigated or deferred for later review or remediation.
    Note:
    Supported only in the Unified Security Exposure Management (USEM) workspace.
    		 Vulnerability analysts, vulnerability managers, and Chief Information Security Officers (CISO)s
    Generate vulnerability insights with generative AI Use generative AI to provide insights based on contextual summaries and provide actionable recommendations. Vulnerability managers and analysts
    Get exception and false positive approval recommendations Use generative AI to provide on-demand approval and false positive recommendations. Exception and false positive approvers
    Create an API connector with generative AI

    Use generative AI to automatically populate steps in the API Connector builder.

    Note:
    You must install and activate the required applications in addition to Now Assist for Vulnerability Response to use the generative AI skill to help you create your own API connector.
    		 Developers in your organization, vulnerability and security admins
    Identify duplicate vulnerable items with generative AI Identify and group duplicate vulnerable items (VITs) created from multiple scanners. Identify the primary vulnerable item and remove (close) duplicates. Vulnerability managers and analysts
    Suggest vulnerability solutions with generative AI

    Identify the most appropriate preferred solution for a given vulnerable item (VIT).

    Note:
    • You must install and activate Vulnerability Solution Management [sn_vul_solution] to import and view preferred and available vulnerability solutions. This application provides you with current solutions with scheduled imports. Vulnerability Solution Management is available on the ServiceNow® Store.
    • This generative AI skill supports only active host vulnerable items (VITs). VITs must be in the Open, Under Investigation, Awaiting Implementation, or In Review states.
    • Current solutions that most effectively address vulnerabilities, also referred to as solutions of the highest supersedence, must be available for you to import from third-party vendors. See Vulnerability Solution Management for more information about Vulnerability Solution Management and supported integrations for more information.
    • The Configuration item field on a VIT must be populated with a value from the Configuration Item [cmdb_ci] table.
    • The Vulnerability field on a VIT must be populated.
    		 Vulnerability managers and analysts
    Generate vulnerability insights with generative AI Understand your security posture with AI-generated summaries and recommendations to help you prioritize and act on critical findings. Vulnerability managers and analysts
    Generate a recommendation for approval impact analysis Streamline the approval process for exceptions and false positive requests with AI-driven recommendations. Vulnerability managers and analysts