RSAC 2026 Conference | Marcelle Howard & Amanda Grady, ServiceNow

Clips
More from RSAC 2026 Conference

Marcelle Howard

Director, Platform Product, AI Platform Foundry

ServiceNow

Amanda Grady

VP & GM, Platform Foundations & AI Platform Products

ServiceNow

play_circle_outline Agentic AI: autonomous agents extending workflows, making independent decisions

play_circle_outline Strong data quality and well-defined processes are prerequisites for agentic deployment

play_circle_outline Agents as Identities: Enforcing Least-Privilege Permissions and Mitigating Prompt Injection, PII Leakage, and Malicious Runtime Attacks

play_circle_outline Traceability: logging and AI-specific traces for audits and drift detection; AI Control Tower

Info
Transcript

Marcelle Howard & Amanda Grady, ServiceNow

Marcelle Howard

Director, Platform Product, AI Platform Foundry ServiceNow

Amanda Grady

VP & GM, Platform Foundations & AI Platform Products ServiceNow

In this interview from RSAC 2026, Amanda Grady, vice president and general manager of platform foundations and AI platform products at ServiceNow, joins Marcelle Howard, director of AI platform foundry at ServiceNow, to talk with theCUBE Research's Christophe Bertrand about building the governance and trust foundations required to deploy agentic AI at enterprise scale. Grady frames agents as an emerging identity category — neither machine nor human — requiring distinct access controls and least-privilege permissions tailored to whether an agent acts autonomou... Read more

explore Keep Exploring

How do you operationalize agentic AI — i.e., implement and run agents that make autonomous decisions and help people get work done? add

What steps should an organization take to prepare for and successfully transition to agentic AI deployments? add

What are the main security considerations and best practices for agentic AI, especially regarding access, identity, and runtime protections? add

How do you provide traceability and auditability for decisions and actions taken by AI agents (i.e., logging who did what and when), and do you document, track, and expose that information to customers? add

bolt Powered by CUBE AI

Marcelle Howard & Amanda Grady, ServiceNow

search

Christophe Bertrand

>> Welcome back to theCUBE. Christophe Bertrand here, principal analyst with theCUBE Research. We are at RSAC 2026, day four. We're almost done with this amazing show that was supposed to be about cybersecurity, but it's all about AI. Maybe I got the wrong place, but I'm very, very pleased to be joined for this segment by Amanda Grady and Marcelle Howard from ServiceNow. Welcome to theCUBE. Great to have you.

Amanda Grady

>> Great to be here. Thanks for having us.

Marcelle Howard

>> Thank you.

Christophe Bertrand

>> So Amanda, let's start with you. Tell us what you do.

Amanda Grady

>> Okay. Well, thank you. So my name's Amanda Grady and I lead the platform security organization at ServiceNow. So responsibility for all of our customer facing features around securing the ServiceNow platform.

Christophe Bertrand

>> Small job. Marcelle?

Marcelle Howard

>> . And again, thank you for having us here. I'm a director within our AI platform foundry organization. So our team works with our earliest adopting customers on agentic workflows and autonomous workforce. And we extrapolate the key findings and value metrics out of that group of customers.

Christophe Bertrand

>> Excellent. That's going to be a great conversation. Tell us about ServiceNow.

Marcelle Howard

>> Yeah. So ServiceNow is really the way to modernize workflows across the enterprise. We are the trusted AI platform of digital transformation. So what that means is we have AI, workflows, security, and data that connects organizational structures. So think of that as operations, employees, customers, knowledge, to make workflow seamlessly. And this is why 85% of our Fortune 500 companies use ServiceNow. So we also use this internally. So it works for us and it works for our customers.

Christophe Bertrand

>> Right. Absolutely. And Amanda, I think you have lots of customers, lots of Fortune customers. Generally, how's the business going? What have you seen recently for ServiceNow?

Amanda Grady

>> Yeah. So ServiceNow has had phenomenal growth over the last number of years. We now have over 15,000 customers and we're a leader. We're known as the market leader in IT service management, but really we go far beyond that. It is a platform for all types of work. So the major workflows that we support include employee workflows, CRM, as well as obviously all kind of extensions of IT service management, IT operations management, asset management, and a really large security and risk business as well.

Christophe Bertrand

>> Right, absolutely. I mean, security has to be front and center. And we live in a world now where we've just gone from copilot, feels like yesterday to today, autonomous agents. So I'm curious about your perspective on this topic. What is it changing?

Amanda Grady

>> Yeah. So we are really thinking about agentic AI as the next level where, well, we're already there front and center, but we're moving from a workflow automation platform to being really the agentic AI platform to help customers get work done more easily. And the key difference here is that agents move beyond simple deterministic flows to really independent helpers that can enable humans to get work done more efficiently and much faster with making autonomous decisions.

Christophe Bertrand

>> Right. And that's an interesting topic because obviously you have agents now making decisions. They're an extension of the individual, but they're sort of quasi individuals in a sense because of all the access they have. And I'm curious, Marcelle, how do you operationalize that?

Marcelle Howard

>> It's a great question. It's a question, it's top of mind for all of our customers, everybody from the board to the people who work in the development space. I will say typically what we advise is first principles apply. If you want to move to agentic, it's very much you need the structure in place. That starts with things that we don't always want to talk about, like great data, processes that can be defined and measured, organizational change management and buy-in from the users of this new technology. And so what we've observed is organizations that start with, first of all, pockets where their data is very strong. That data is robust. There's security measures around that. They apply AI capabilities toward that, and then they slowly move into agentic deployment where they can identify what part of a process or a workflow makes the most sense to look at where it can start measuring ROI out of that process and then scaling up from that angle.

Christophe Bertrand

>> Yeah. There have been a number of research and studies on the fact that there's a lack of ROI and it feels like a lot of organizations decided to jump right into AI and maybe did not think through how they would do that. And of course taking big risks, which brings up the question of governance and trust. I see a lot of issues with the way AI is being deployed right now because a lot of people ... With agentic, by the way, because I think the data component itself is not well managed necessarily. Although in ServiceNow, that seems to be something that is actually a strength of the platform, including not just security, just management, understanding what data you have, what you can do with it. So within the actual ServiceNow platform, how do you really enable this trust in governance? So tell us more about that.

Amanda Grady

>> Yeah, absolutely. Well, that's a very big topic, but I can say that we ... I think a core part of security for agentic AI is really around something that you mentioned a moment ago, making sure that AI agents have the right access. So we really think about agents as sort of a new type of identity. They're not machines, they're not humans. They're kind of somewhere in between and they have some overlapping principles that relate to both them. But some of the fundamental-

Christophe Bertrand

>> There's no consequence if you're an agent and you do something wrong, right?

Amanda Grady

>> Well, I mean, you could be terminated, so there can be a pretty serious consequence.

Christophe Bertrand

>> As an agent. As a human, it's a different story. But that's the point I'm making is identities that are very unique. We've never seen this before.

Amanda Grady

>> Yeah, absolutely. And I think it's very much of an evolving space. I think we are definitely going to need some new standards and some are already evolving. But the fundamental principles still apply, making sure that you are applying concept of least privilege, making sure that agents have no more access than they need to do their job. And then you also need to think about, is this an agent that's working on behalf of a human, like with an actions initiated by a human, in which case they may inherit some subset of the human's principles, but they shouldn't necessarily inherit everything. Or if it's a fully autonomous agent, then they need their own distinct identity and their own distinct set of permissions of what data they can access. So that's a really important part of agentic security. I think there's a lot more. I think also making sure the outcomes are reliable, trustworthy, that they haven't drifted from intent. And then of course, the usual AI security, things like making sure there's no prompt injections, making sure there's no offensive language, that personally identifiable information isn't leaking. So there's a lot in the runtime security as well that needs to be thought about.

Christophe Bertrand

>> Right. And you say security, but I really think of it as, really, compliance when it comes to the data. PII is a very good example. The outcomes is something that at times potentially bothers me. It's like, oh, is an agent making a decision, maybe talking to another agent and there's no real judge there to say that this is the right decision. So I think we'll have to see how this evolves. I think it's going to be one of the more interesting topics and how you implement it in the ServiceNow platform to really get to that good outcome that is predictable and repeatable without drift, which of course is probably easier said than done. Another topic that relates back to compliance I'd like to ask you about is traceability. There will be decisions or outcomes that will happen where agents have been involved. What do you do to trace and keep track of everything that happened? Because ideally you would want to know exactly, how shall I put this, who did what to whom and when, and demonstrate that this is the correct result, or at least do have some sort of audit trail that allows you to correct an issue. So is that something you're also documenting and tracking and exposing to your customers?

Amanda Grady

>> Yes, absolutely. So that's something ... So when we think about managing, securing, governing AI, we are actually thinking about it in two ways. We're thinking about AI that's running on our own platform. So obviously, that's our biggest focus at the moment is building the autonomous workforce, but we also have a product called AI Control Tower, which enables us to manage and govern AI across the enterprise. So in both cases, we need to think about both logging to ensure that all of the agents' actions are tracked and can be understood, but also collecting traces so we can understand kind of more AI specific functionality like, is it drifting from its intent? Is it delivering the outcomes it's supposed to deliver? Is it behaving in a secure way? So I think there's really two aspects to it.

Christophe Bertrand

>> Right. Yes. And you mentioned also prompt injections and the risk of the system itself getting hacked in some fashion, therefore creating results that would be abnormal, but because of an attack, et cetera. So I think that's going to be, that just that whole topic in and of itself could be a whole conversation. But I'd like to talk a little bit more about how this gets integrated. Now let's look at the positive side where we have AI, we want it to work. So Marcelle, tell me, how do you put this into play and maybe compare and contrast how that changes security processes potentially?

Marcelle Howard

>> Yeah, sure. So the accountability, the traceability, the trustworthiness is first and foremost. I can't emphasize that point enough that Amanda made. You have to start with the end in mind and value is a derivative of that component. And most organizations today want to get to some level of ROI, some level of value. So you have to look at it in terms of, are you doing interoperability from agent to agent across systems through MCP and using external content connectors, zero copy connectors to data warehouses and data lakes, or are you looking at intra organization and leveraging agents there to do operations and work of that nature? So if you take the example of just getting work done within an organization, typically most companies will use an 85% threshold and they'll say, okay, if it was helpful at 85% or above, that works. But again, that number is really highly dependent on the data quality and that goes back to isolating which process makes the most business sense to start with. So I'll give you an example. So if you take a company, they have a lot of payroll queries, this is common across every single organization. You also have multiple payroll systems and you say, "I want to tackle a subset of that. I want to look at time cards. I want to look at W-4 entries." And you say, "I want to automate a subset of that where the data is strong." You're going to get a higher benefit from starting there in lieu of starting somewhere where it's a high volume, but the process has a lot of sprawl. And so you want to think about agents as using them to be very specific and very measurable, targeting something where you have a lot of good content, knowledge, catalog items, data quality. As opposed to something that's broader, because then you get into this disambiguation argument of the tooling gets dispersed and it may not be as accurate and precise, which is the mark of a good agent to start with.

Christophe Bertrand

>> Yeah. So you don't want to spread it too thin, essentially is what I'm hearing, but it makes perfect sense. You want to have a very discreet and well understood process on which you can then deploy, measure, correct, improve and then expand. So land and expand, but on the basis of well understood processes. And I like the payroll example. Actually, I think that was one of the first things I did in software. I had a payroll software in product management, product marketing. So lots of things have changed. So just a double click question, is it easier for your customers to start with, you said payroll, but should it be payroll? Should it be more technical? What's the best way to start? Where should they go? Is there a comfort level that's going to dictate where they start or should they try to pick where they think they might get or need the most ROI? I know it's a trick question, it may change. But what would you recommend literally to your customers? Where should you start first?

Marcelle Howard

>> Yeah. And you speak about the polarity of move fast, use AI, but then start methodically, right?

Christophe Bertrand

>> Yeah.

Marcelle Howard

>> So we see organizations starting with IT centric use cases like email triage, for example, or resolution routing, things of that nature. Oftentimes they'll start with what I'll call one shot solution. So things like summarization capabilities, resolution note generation on incident case records, to generate data to then lay the groundwork to then go into an agentic flow to say, "Okay, how can we minimize email triage coming into the service desk? Can we automate that process and then more importantly, start to look at it in terms of tangible and intangible benefit?" And so tangible meaning we have organizations that will take something that's two days and reduce it down to two minutes where they start to see upwards of 13% meantime to resolution savings across the enterprise. But then there's also a component of intangible benefit where you say, "If I'm working in the service desk and I click this button and it costs me five cents, do I get 100 times ROI? So do I save at least $5 from performing that action?" And that's usually a baseline threshold hurdle rate that organizations should follow in terms of proxy to determine where to start and where to invest.

Christophe Bertrand

>> Okay. Well, it sounds so simple when you say it, but I believe that, or I'm pretty sure that there must be at least 20 good candidates in terms of processes, workflows, or urgent needs that could qualify. So to what extent do you advise your clients, do they come to you for advice? Where should I start? Or do they just try something and then tell you about it?

Marcelle Howard

>> All the time. Again, we want them starting with compliance, trust, transparency in mind, because that's going to drive user adoption. And so starting with the end in mind, figuring out what is the value that I need to realize, how do I build trustworthiness? How do I monitor? These, again, to Amanda's point, that needs to be first and foremost thought through the governance model. And then secondly, business operations, how are we going to measure this? How are we going to be able to establish ROI from this type of software investment and then moving forward with the low hanging fruit?

Christophe Bertrand

>> Great. Well, look, in closing, I'd love your thoughts on where this is all going. What does the future look like, Amanda? Tell me.

Amanda Grady

>> So I think this is a ... I heard that the great Kevin Mandia, the cybersecurity legend speaking yesterday, and he said RSAC this year is not really a security conference. It's more like an AI conference. And it's the first time when CIOs and CISOs are coming here, not just to buy products, but really to try and figure out exactly that, where is it all going? And I think it's really hard to predict beyond six months, but what we do know is AI is going to dramatically change the way we all work. It's going to bring amazing productivity gains. And I think those that do it with security in mind will ultimately be the ones that move faster in the long run. CIOs are under tremendous pressure to see value realization from their AI investments and security can sometimes end up taking a back seat. But I do believe those that are thinking about security will, in the end, ultimately be the ones that move faster.

Christophe Bertrand

>> Excellent. Marcelle, your closing thoughts?

Marcelle Howard

>> Yeah, sure. If we're taking trust as the ultimate currency here, there's been a lot of discussion about, at least at this conference, bringing together public sector, private sector, closing the gap between technically opposing forces, and this is true for within the organization. So if I could see if organizations can get end user buy-in, whether that's customers, employees, professional users within the organization to really give input and feedback loops and apply a systems theory to, again, start methodically slow, build trust, get the governance set up, and then start scaling, but bring everybody together to say, how do we move in unison and really get the buy-in and the ultimate feedback from the people using it, because that's really who's going to drive adoption ultimately.

Christophe Bertrand

>> Great. Thank you. Well, teamwork, I guess, is what it is. People, processes, and technology, always very, very true and always easily forgotten.That's what I think is going on. But look, lots of things are going on with AI. It was great to hear your perspectives, and I'm very curious to see what ServiceNow will be doing in the next few months and the next few quarters, because there's so much going on. You have a great set of customers, clearly great initiatives, and more importantly, clients who are willing and want to get ROI out of AI. So very curious to see how it all plays out. Thank you very much for joining us today.

Amanda Grady

>> Thanks for having us, Christophe.

Christophe Bertrand

>> And to our viewers, thank you very much for your time. RSAC 2026 in San Francisco.