<ciso brief />

All news with #servicenow tag

14 articles

Palo Alto Networks and ServiceNow Integrate Prisma AIRS

🔒 The integration of Prisma AIRS with ServiceNow's AI Control Tower embeds AI runtime security and model governance directly into enterprise workflows. Prisma AIRS delivers real‑time detection and blocking of threats such as prompt injection and offensive outputs, while Model Security supplies risk profiles, red‑teaming results and vulnerability reports for third‑party and custom models. Together they provide centralized visibility, policy enforcement and safer AI adoption without disrupting user productivity.

Joint Vision: Simplified SASE Management at Scale Now

🔧 Palo Alto Networks, ServiceNow, and Bell Canada have built a ServiceNow application that automates the full lifecycle of Prisma SASE, creating a direct bridge between security operations and service management. The Prisma SASE app accelerates deployment from months to hours by automating Day 0–Day N tasks—provisioning, ZTNA connector setup, and mobile user workflows—while eliminating swivel-chair operations by syncing incidents into a single ServiceNow interface. ServiceNow’s Service Bridge enables cross-instance support for MSPs and the app supports direct CSP ticket creation, reducing MTTR and operational overhead.

January 2026 security roundup with Tony Anscombe — Lessons

🛡️ January brought several high-impact incidents that underline persistent enterprise risks. ServiceNow patched a critical AI-driven vulnerability (CVE-2025-12420) that could let unauthenticated actors impersonate admins on its AI platform. Unsecured Zendesk systems were abused for a large spam campaign, while the World Economic Forum reports cyber-fraud has overtaken ransomware as CEOs' top worry. Nike is also probing an alleged theft of 1.4 TB of data.

ServiceNow BodySnatcher Flaw Exposes AI Agent Risks

⚠️ Research firm AppOmni disclosed a critical privilege-escalation vulnerability called BodySnatcher in ServiceNow’s Now Assist AI Agents and Virtual Agent API that could let unauthenticated actors execute workflows as arbitrary users. ServiceNow says hosted instances were patched at the end of October and customers should upgrade to specified Now Assist and Virtual Agent API versions. AppOmni warns that default example agents and permissive authentication choices mean similar risky configurations could still exist in custom code or third-party integrations, and recommends enforcing MFA, reviewing agents, and applying the updates promptly.

ServiceNow Patches Critical Flaw in AI Platform — Oct 2025

🔒 ServiceNow has released fixes for a critical flaw in its ServiceNow AI Platform that could allow an unauthenticated actor to impersonate other users and perform arbitrary actions. Tracked as CVE-2025-12420 with a CVSS score of 9.3, the issue was addressed on October 30, 2025 and deployed to the majority of hosted instances. Patches were also shared with partners and self-hosted customers; administrators are advised to apply updates promptly to mitigate risk.

ServiceNow to Buy OT and IoT Security Firm Armis $7.8bn

🔒 ServiceNow will pay $7.8bn to acquire OT and IoT security specialist Armis, aiming to extend and enhance its security, risk and operational technology portfolios. The all-cash deal, expected to close in the second half of 2026, is positioned to more than triple ServiceNow’s security market opportunity. ServiceNow said Armis telemetry and asset insights will be integrated into its AI Control Tower to bolster AI governance and deliver automated remediation at scale. Executing on integration — notably tying Armis data into ServiceNow’s CMDB and workflows — is seen as the critical determinant of value realization.

ServiceNow’s $7.75B Armis Buy Signals Platform Shift

🔐 ServiceNow announced a $7.75 billion cash acquisition of cybersecurity vendor Armis, its largest deal to date, aiming to integrate device and asset visibility into its AI-driven workflow platform. Executives say the purchase will create an end-to-end security exposure and operations stack that ties discovery, governance, and remediation across IT, OT, IoT and edge. Analysts welcomed the move but warned it may push organizations from best-of-breed tools toward suite consolidation, and that full integration will take time.

ServiceNow in Talks to Acquire Identity Firm Veza

🔐 ServiceNow is reportedly in advanced talks to acquire identity-security startup Veza for more than $1 billion, a deal that could be announced next week. The move would pair ServiceNow's recent AI automation capabilities from Moveworks with Veza's Authorization Graph to map and govern permissions for human and machine identities. For customers, the acquisition aims to close trust and governance gaps around AI agents and non-human accounts, though integration, licensing, and standalone availability questions remain.

AWS Glue zero-ETL now supports CloudFormation & CDK

🚀 AWS Glue zero-ETL integrations now support AWS CloudFormation and the AWS Cloud Development Kit (CDK), enabling creation and management of zero-ETL integrations using infrastructure as code. This lets teams ingest data from DynamoDB and enterprise SaaS sources (Salesforce, ServiceNow, SAP, Zendesk) into Amazon Redshift, S3, and S3 Tables. CloudFormation and CDK support makes it easier to deploy, update, and version-control zero-ETL configurations consistently across multiple AWS accounts.

ServiceNow Now Assist agents vulnerable by default settings

🔒 AppOmni disclosed a second-order prompt injection that abuses ServiceNow's Now Assist agent discovery and agent-to-agent collaboration to perform unauthorized actions. A benign agent parsing attacker-crafted prompts can recruit other agents to read or modify records, exfiltrate data, or escalate privileges — all enabled by default configuration choices. AppOmni recommends supervised execution, disabling autonomous overrides, agent segmentation, and active monitoring to reduce risk.

Pentera Resolve Aims to Close the Remediation Gap Now

🔧 Pentera today unveiled Pentera Resolve, a platform extension that embeds automated remediation workflows into security validation to bridge the persistent remediation gap. The product converts validated findings into tracked, auditable tickets routed to owners in tools like ServiceNow, Jira, and Slack. Powered by AI-driven triage and contextual enrichment, it aims to replace manual consolidation with a measurable, repeatable remediation loop of validate, remediate, and re-test.

Amazon Quick Suite: Agentic AI Workspace for Business

🤖 Amazon Quick Suite is now generally available as an agentic, AI-powered workspace that retrieves insights across the public internet and your enterprise data stores — including Slack, Salesforce, Snowflake, databases, and other documents — and moves instantly from answers to actions. Quick Suite can execute or trigger tasks in popular applications like Salesforce, Jira, and ServiceNow, and automate workflows from RFP responses to invoice processing and account reconciliation. AWS highlights customer privacy — queries and data are not used to train models — and administrators can enable and tailor the experience quickly; new customers receive a 30-day trial for up to 25 users.

Automating Pentest Delivery: Seven High-Impact Workflows

🔁 Penetration testing delivery must evolve from static, manual reports to automated, real-time workflows that shorten remediation cycles and improve visibility. This contributed piece highlights seven practical automation workflows — from auto-creating remediation tickets in Jira or ServiceNow to auto-closing informational findings — that reduce triage noise and accelerate fixes. Implementing targeted rules and alerts ensures findings reach the right teams immediately and supports continuous testing practices.

AWS Security Incident Response Adds ITSM Integrations

🛡️ AWS Security Incident Response now integrates with popular ITSM platforms like Jira and ServiceNow, offering bidirectional synchronization for issues, comments, attachments, and case updates. The connectors are provided as open-source projects on GitHub with sample code, deployment instructions, and implementation best practices. A modular design and technical documentation make it straightforward to extend support to additional ITSM targets and to leverage AI assistants for rapid customization.