ServiceNow Strengthens cybersecurity Portfolio with Armis Acquisition, Expanding Real-Time Risk Management Across Connected Assets
ServiceNow has finalized its acquisition of Armis, a prominent player in cyber exposure management and security. This strategic move enhances ServiceNow’s capabilities by integrating an AI-driven solution that effectively monitors, protects, and manages cyber risks across a diverse range of connected assets, including operational technology (OT), Internet of Things (IoT) devices, medical equipment, physical AI, code, and cloud environments. The acquisition marks a significant expansion of ServiceNow’s security platform, enabling it to penetrate deeper into the physical and operational layers of enterprises. This integration provides the necessary cyber asset intelligence and business context essential for deploying agentic AI with trust and control at scale.
Context of the Acquisition
This acquisition follows ServiceNow’s earlier purchase of Veza in March 2026, which introduced AI-native identity intelligence to the ServiceNow AI Platform. This acquisition enabled enterprises to gain continuous visibility into access permissions for every digital and connected resource. With the addition of Armis, ServiceNow enhances its identity intelligence and cyber exposure management capabilities, which are critical for both pre-breach and post-breach security outcomes. The synergy between Armis and Veza allows ServiceNow to deliver real-time visibility and protection across all connected cyber assets while effectively mapping permissions and access paths across human, machine, and AI agent identities.
Bridging the Visibility Gap
Security teams have long struggled with fragmented point solutions that create a structural challenge in managing cyber risks. Historically, tools designed to manage risk lack the capability to execute remediation actions, while those that can remediate risks often do not provide a comprehensive view of the security landscape. This disconnect has widened the gap between detection and response, significantly increasing the likelihood of security incidents, especially in the age of agentic AI.
As cyber threats evolve, stolen credentials remain the primary entry point for attackers, a trend that is accelerating. Machine identities now outnumber human identities by more than 80 to 1, with nearly half possessing sensitive or privileged access rights that organizations struggle to monitor and control. This situation has led to an increase in lateral movement attacks. As enterprises adopt agentic AI, their attack surfaces have expanded to include autonomous agents, unmanaged OT devices, and other connected systems across sectors like manufacturing, healthcare, and critical infrastructure—areas where traditional security tools fall short.
Architectural Advantages of ServiceNow
ServiceNow’s architectural advantage lies in its integration of Armis, which offers continuous, real-time visibility and management across every connected cyber asset through non-invasive discovery. Armis tracks nearly 7 billion devices in real time, encompassing OT, IoT, medical devices, physical AI, code, and cloud environments. Additionally, Veza’s Access Graph provides cross-system visibility into every permission held by human, machine, and AI agent identities. Together, these capabilities power ServiceNow’s Context Engine, which grounds AI actions in business reality by mapping assets and identities to the services, processes, teams, and policies that rely on them. This integration enables automatic risk prioritization and autonomous remediation, ensuring that every action is auditable and aligned with organizational policies.
Amit Zavery, president, chief operating officer, and chief product officer at ServiceNow, emphasized the significance of this integration: “Most security platforms stop at the alert. ServiceNow closes the loop. Armis gives us real-time, contextual awareness into the cyber risk of every connected asset, including the devices and systems that conventional tools were never built to see. Combined with Veza’s identity intelligence, that signal flows into ServiceNow’s Context Engine and AI Control Tower, turning exposure into automated remediation with governance and a full audit trail built in at every step.”
Implications for Customers and Partners
For existing Armis customers, the Armis Centrix platform will now operate under the full support of ServiceNow’s product, engineering, and global go-to-market organization. It is currently integrated with the ServiceNow AI Platform and will remain available as a standalone solution, with deeper integration anticipated in the future.
Customers of both ServiceNow and Armis can start leveraging their combined capabilities immediately, with broader availability expected soon. Partners of both organizations can capitalize on the growing demand from enterprises seeking to deploy agentic AI with trust and control at scale, thereby accelerating revenue opportunities.
Establishing a Global Cyber Defense Hub
In conjunction with the acquisition, ServiceNow is launching an AI Center for Cyber Defense, a global hub focused on developing the next generation of AI security solutions. This center aims to transition from reactive security measures to autonomous, agentic cyber defense. It will serve as a critical resource for enterprise security leaders as they move away from legacy frameworks toward AI-native security postures, equipping them with the expertise necessary to anticipate and neutralize AI-driven attacks before they manifest.
With Armis employees joining the ServiceNow team, the newly combined organization brings extensive expertise in cyber-physical security and risk management to the ServiceNow AI Platform. This collaboration accelerates the roadmap for proactive cybersecurity solutions. ServiceNow recently reported its largest quarter for OT in Q4 2025, and its security and risk business surpassed $1 billion in annual contract value in Q3, establishing a robust foundation for the capabilities that Armis will extend.
The combination of Armis and Veza is projected to more than triple ServiceNow’s addressable market for security and risk solutions, positioning the company as a formidable player in the cybersecurity landscape.
Source: securitymea.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
