日本語 
ServiceNow, the AI control tower for business transformation, announced Autonomous Security & Risk at its annual customer and partner event, Knowledge 2026 , to manage all AI agents, identities, and connected assets . Armis provides continuous asset intelligence across code, IT, OT, IoT, and connected assets. Veza provides granular visibility, intelligence, and governance for human and non-human identities. This combination creates one of the most comprehensive security, risk, and compliance platforms for enterprise AI.
Last year, ServiceNow’s security and risk business surpassed $1 billion in annual contract value (ACV), becoming one of the fastest-growing demand sources on the ServiceNow AI Platform. The pressure is mounting as AI dramatically increases the number of decisions that require identity, authority, connected assets, and control. AI agents gain access, make decisions, and operate at machine speed. The number of non-human identities behind them already far exceeds the number of human identities. Most companies cannot answer the questions of who authorized that access, why it exists, and whether it is still valid. Fragmented security tools cannot bridge this gap, but a platform approach can.
All AI agents are identity itself, and most of them are uncontrolled.
All AI agents operating within an enterprise function through identity. AI agents access systems, read data, and execute workflows under a set of permissions almost certainly designed for human actors, not for the speed, scale, and autonomy of AI agents themselves. Bridging the gaps in identity visibility, intelligence, and governance is critical.
Also Read: GGWP Secures $15M to Scale AI Moderation Across Asia
Veza ‘s Access Graph continuously and in real time maps all access relationships across the enterprise environment, including what has access, what can be done with that access, and how that changes as context shifts, systems evolve, and agents proliferate. With Veza integrated into the ServiceNow AI Platform, this capability governs both human and non-human identities within a single operational framework. It surfaces risks, enforces least privilege at the point of action, triggers downstream remediation, and builds the traceable organizational memory required by auditors and regulators. ServiceNow Veza works with ServiceNow’s existing vulnerability, exposure, and incident management capabilities to mitigate exposures before and after a breach. In other words, it manages “who has what” access and continuously identifies and remediates vulnerabilities related to privileges.
You cannot protect what you cannot see.
Asset visibility is a fundamental requirement of enterprise security, yet it has consistently been a source of failure. Today’s enterprise environments encompass precompiled code, IT infrastructure, operational technologies (OT), connected devices, cloud workloads, medical devices, and now even AI agents, all interacting across boundaries that cannot be fully captured by a single tool.
Armis , integrated with ServiceNow , enables real-time, contextualized awareness of all connected cyber assets, including devices and systems that were previously invisible with traditional tools. Armis monitors network traffic without agents or disruption to operations, enriching every asset record with device type, classification, firmware version, behavioral data, and real-time risk posture. This intelligence flows directly into the ServiceNow CMDB, transforming a static inventory into a real-time, holistic view of the actual attack surface. When vulnerabilities, misconfigurations, or anomalous behavior are detected in an asset, ServiceNow responds at machine speed, following common environmental context.
Veza and Armis are working together to enhance ServiceNow’s advantage as a platform for understanding what exists in an environment and “who and what” is allowed to interact with that environment. This real-time asset intelligence will be fed directly into ServiceNow’s security incident response workflow, making the same context used to assess risk before a breach immediately available for containing that risk after a breach.
A reliable AI blueprint
When AI functions within an enterprise, it must be based on the business realities behind every decision, including permission management, continuous monitoring, and an audit trail that can withstand scrutiny. That’s what Autonomous Security & Risk offers. Asset intelligence, identity governance, risk management, and workflow automation work together as a single system, all powered by AI. Two new AI specialists announced today as part of ServiceNow’s Autonomous Workforce expansion handle vulnerability resolution and security operations end-to-end, autonomously addressing the unresolved vulnerability backlog and investigating phishing incidents alongside human teams.
The ServiceNow AI Control Tower manages agents, ensuring inventory registration from the moment an agent appears, continuous risk scoring, and real-time enforcement of least privilege. Assessments are performed while agents are running. If something deviates, the AI Control Tower can catch it before it escalates. The interoperability of the Agent-to-Agent Protocol (A2A) and Model Context Protocol (MCP) means that any agent on any platform operates within a controlled framework that links decision-making to context and accountability to action. This same controlled framework extends to ServiceNow’s partner ecosystem, so that third-party security tools that enterprises already use inform a continuously updating overall picture of their posture. ServiceNow’s in-house security operations team operates Autonomous Security & Risk and uses AI agents to process incidents 7 times faster than traditional workflows, document all actions, and make all decisions traceable.
Businesses are already seeing results on the ServiceNow AI Platform . A global energy company operating in more than 70 countries saved 1.2 million hours and reduced the time it takes to contain threats by 97% by automating security operations. A leading U.S. financial services firm eliminated 96% of dormant non-human identities and transformed the principle of least privilege from a policy goal into a reality that is reliably enforced. A Fortune 100 aerospace manufacturer replaced manual audit preparation with a self-capturing trail, reducing the time it takes to complete proof of control by 75% and the time it takes to close compliance gaps by 85%.
Companies that establish this foundation of complete visibility, controlled identity, integrated risk, and autonomous response will have a decisive advantage as AI accelerates. ServiceNow provides security and risk leaders with a single view of how exposure, incident, and identity decisions are reflected in the enterprise’s risk posture in real time, and provides the audit trails that regulators need.
SOURCE: PRTimes
English