ServiceNow used Knowledge 2026 to claim where it wants to sit in the enterprise AI stack. The company is no longer positioning itself only as a workflow platform with AI features. It is pitching itself as the governance and action layer for enterprise agents, identities, connected assets, and workflows.
Per its May 2026 announcements, ServiceNow launched Autonomous Security and Risk, built around the integration of Armis and Veza, and expanded AI Control Tower into a broader governance product designed to discover, observe, govern, secure, and measure AI across enterprise systems. It also made Action Fabric and its Model Context Protocol (MCP) Server generally available, opening ServiceNow’s “system of action” to external agents built on platforms such as Claude, Copilot, or customer-developed stacks.
John Aisien, ServiceNow’s senior vice president and general manager of central product management, security, and risk, said during a press briefing covered by TechTarget, “This is a representative example of what makes ServiceNow a security company uniquely built for the agentic era based on […] three axes: cyber assets, access, and decision context.”
Autonomous Security and Risk Are the Flagship
The headline was Autonomous Security and Risk, which brings Armis and Veza into ServiceNow’s AI platform. Armis contributes continuous asset intelligence across code, IT, OT, IoT, connected devices, and other cyber assets. Veza adds fine-grained visibility and governance over human and non-human identities through its access graph.
The product logic is straightforward. Armis helps identify what exists in the environment, while Veza shows who or what has access to it. ServiceNow then routes that intelligence into security, risk, incident response, and remediation workflows.
Aisien described the problem in board-level terms. “Today’s CISOs have to operate at two speeds: neutralizing threats in real time while reporting risk to the board with conviction,” he said in one announcement. “Autonomous Security & Risk replaces that fragmented stack with a single graph that maps every identity, every permission, and every connected asset, so prevention, detection, and response happen at machine speed.”
ServiceNow is trying to turn identity, asset visibility, and workflow remediation into one operating model. The press release also said the company’s security and risk business crossed $1 billion in annual contract value last year, making it one of the fastest-growing sources of demand on the ServiceNow AI Platform.
Analysis
What this means: ServiceNow is competing for the enterprise AI control layer. The company’s Knowledge 2026 announcements connect asset visibility, identity governance, AI monitoring, and workflow execution into one architecture. For ERP vendors, enterprise architects, and systems integrators, that raises the question of whether AI governance will sit inside business applications, security platforms, or the workflow control layers that span them.
AI Control Tower Moves from Visibility to Enforcement
ServiceNow also expanded AI Control Tower, which it first introduced at Knowledge 2025. The new version is organized around five dimensions:
- Discover—adds 30 enterprise integrations across AWS, Google Cloud, Microsoft Azure, SAP, Oracle, Workday, and other systems, extending AI governance beyond ServiceNow’s own agents.
- Observe—uses technology from ServiceNow’s Traceloop acquisition to monitor agent behavior at runtime.
- Govern—adds five new risk frameworks aligned to NIST and EU AI Act standards.
- Secure—uses Veza to enforce least-privilege access across AI systems, agents, identities, hyperscaler environments, and connected devices.
- Measure—adds cost tracking and ROI dashboards to give enterprises more control over AI spend.
The most operationally important feature is real-time containment. ServiceNow said AI Control Tower can detect when an agent operates beyond its permissions and shut it down in real time. TechTarget described a press demonstration in which Veza’s access graph alerted an administrator to a prompt-injection attack, showed the blast radius across affected systems, disabled the agent and its tools through a ServiceNow AI gateway, and generated a security incident and audit documentation.
ServiceNow is presenting AI Control Tower as an enforcement point, not just a monitoring dashboard. If the platform can discover an agent, understand its access, measure its behavior, trigger approvals or shutdowns, and document the response, then ServiceNow is competing to own the control layer for enterprise AI operations.
Action Fabric Opens ServiceNow to External Agents
The third major product move was ServiceNow Action Fabric, which makes the company’s MCP Server generally available. The announcement opens ServiceNow’s system of action to AI agents built on ServiceNow or outside it, including Claude, Copilot, and customer-developed agents.
The technical distinction is important. ServiceNow is not only letting agents read or write data. It is exposing governed enterprise actions. That includes flows, playbooks, approvals, catalog requests, and other workflows that already carry business context, permissions, and audit trails inside the ServiceNow platform.
The company used employee onboarding as an example. In a system of record, a new hire may be a database row. In ServiceNow, that record can trigger IT provisioning, security badge creation, learning assignments, payroll setup, SLA timers, and escalation workflows. Action Fabric exposes that execution layer to agents without requiring a traditional ServiceNow user interface.
Anthropic is the first named design partner, connecting Claude Cowork to ServiceNow’s governed system of action. Boris Cherny, head of Claude Code at Anthropic, framed the partnership around execution. “The gap between knowing what needs to happen and making it happen is where productivity dies,” he said. “Connecting Claude Cowork to ServiceNow’s system of action closes that gap with enterprise execution, directly in the flow of work.”
Every action runs through AI Control Tower for identity verification, permission scoping, metering, audit trails, session management, OAuth, and role-based tool packages. The MCP Server is generally available now and included in every Now Assist and AI Native SKU, with additional features expected in the second half of 2026. Headless actions consume the same Assist currency customers already use for Now Assist and AI Agents.
Analysis
What this means: Action Fabric makes ServiceNow harder to classify. By opening its system of action to agents from Claude, Copilot, and customer-built environments, ServiceNow is positioning itself less as a user interface and more as governed execution infrastructure. That matters for ERP teams because future agent workflows may start outside the ERP system but still need to trigger, approve, document, and audit work across core enterprise processes.
Adoption Is Real but Uneven
ServiceNow also used Knowledge 2026 to show production adoption, especially in employee service and AI governance.
Rolls-Royce gave the most detailed example. TechTarget reported the company has used Now Assist in production for its help desk since August 2025, achieving a 54% deflection rate and saving 5,000 hours of human help desk time. Separately, ServiceNow’s AI Control Tower announcement quoted Rachel Cameron, vice president of performance and improvement at Rolls-Royce, saying adoption of digital self-service had nearly tripled, with 38,000 tickets deflected in a year and resolution times reduced by 34%.
The Rolls-Royce example shows both progress and friction. The company plans to expand Now Assist across its 45,000 employees, beginning with HR. But Phil Priest, head of global business services at Rolls-Royce, told TechTarget that scaling AI assistants beyond IT requires careful work on the underlying knowledge base. “We’ve realized that as we expand AI assistants beyond our IT to other functions, we really have to almost rewrite our knowledge articles to make them AI-ready,” he said.
That is a reality check on the broader platform narrative. ServiceNow is building governance and action infrastructure, but enterprise adoption still depends on data quality, process clarity, and domain-specific guardrails. Rolls-Royce is also working on agentic automation in accounts payable, where it must address fraud prevention, anti-money laundering, bribery, corruption, and third-party oversight requirements.
Other customer examples reinforced ServiceNow’s positioning. HDFC Bank said AI Control Tower gives it a common governance layer across IT and risk. Rossmann highlighted AI voice agents for store associates working hands-free in their native language. The National Hockey League said the platform helps connect operations across 32 clubs and more than 1,300 games a season. Academy Sports described ServiceNow as a “platform of intelligence” as it connects assets, people, HR, security, supply chain, and retail operations.
Analysis
What this means: Agent adoption still depends on operational readiness. Rolls-Royce’s experience shows that successful AI expansion requires more than deploying assistants. Knowledge articles, process rules, access controls, and domain-specific oversight all have to be rebuilt or hardened before agents can work reliably across functions such as HR, finance, and accounts payable.
Sponsor Industry‑Grade Research
Financial Momentum Strengthens the Platform Case
ServiceNow’s product push came against a strong financial backdrop. TechTarget reported the company posted Q1 2026 revenue of $3.77 billion, up 22% from the prior year, and raised its 2026 subscription revenue guidance to a range of $15.74 billion to $15.78 billion.
ServiceNow is using growth in its core platform, its $1 billion-plus security and risk ACV base, and a series of recent acquisitions to make a broader market claim: Enterprise AI needs a governed control layer, and ServiceNow owns many of the workflow, CMDB, context, and action assets needed to build it.
Analysts quoted by TechTarget gave that claim some support. Forrester analyst Charles Betz said adding security data to the knowledge graph that provides context to agents is a natural extension of ServiceNow’s CMDB roots. Valoir CEO Rebecca Wettemann said the proactive alerting features shown in ServiceNow’s AI Control Tower demo stood out among enterprise agent orchestration platforms.
The caution is also clear in TechTarget’s reporting. Enterprise agent autonomy remains early. Betz noted companies still want deterministic and auditable workflows, which are difficult enough to govern before full autonomy enters the picture. Consultant Thomas Wieberneit said most customer adoption remains scenario-based, often starting in service use cases.
Knowledge 2026 set up ServiceNow’s next test. The company shipped a serious AI governance, security, and action story. Now it has to prove that acquisitions from Armis and Veza can be integrated quickly, that AI Control Tower can move from demo to production enforcement, and that Action Fabric can make external agents useful without creating a new governance burden.
