Key Takeaways
- ServiceNow’s acquisition of Armis adds real‑time cyber‑asset intelligence across OT, IoT, medical devices, physical AI, code, and cloud to its security platform.
- Combined with the earlier Veza acquisition, ServiceNow now offers continuous identity‑and‑asset visibility that fuels AI‑driven, automated remediation.
- The joint solution closes the detection‑to‑response gap by giving security teams contextual awareness and policy‑bound, auditable actions.
- An new AI Center for Cyber Defense will pioneer autonomous, agentic cyber‑defense capabilities and bridge research with enterprise practice.
- Armis’ strong foothold in Fortune‑10/100 and public‑sector customers, together with ServiceNow’s installed base, creates immediate market demand and partnership opportunities.
Acquisition Completion and Strategic Fit
ServiceNow has finalized its purchase of Armis, a leader in cyber exposure management, to embed continuous, AI‑powered visibility and protection across every connected asset. The deal expands ServiceNow’s security platform beyond pure IT into the physical and operational layers of the enterprise, providing the cyber‑asset intelligence foundation needed to deploy agentic AI with trust and control at scale. By integrating Armis’ real‑time asset data, ServiceNow can now see, assess, and act on risk across OT, IoT, medical devices, physical AI, code, and cloud environments in a unified manner.
Complementary Acquisition of Veza
The Armis deal follows ServiceNow’s March 2026 acquisition of Veza, which delivered AI‑native identity intelligence to the platform. Veza’s Access Graph offers continuous insight into who—or what—has access to every digital resource, covering human, machine, and AI‑agent identities. Together, Armis supplies the “what” (asset visibility) while Veza supplies the “who/what” (access context), creating a dual‑layer foundation that powers both pre‑breach prevention and post‑breach response.
Fragmented Security Landscape Challenge
Security teams today wrestle with fragmented point‑solution stacks where detection tools cannot execute remediation, and remediation tools lack full environmental visibility. This structural disconnect widens the gap between detection and response, exponentially increasing risk—especially as enterprises adopt agentic AI that expands the attack surface beyond traditional IT boundaries. ServiceNow aims to eliminate this split by uniting visibility and action within a single, governed workflow.
Identity and Machine Proliferation Risks
Stolen credentials remain the primary entry point for attackers, a problem amplified by the explosion of machine identities, which now outnumber human identities by more than 80 to 1. Nearly half of these machine identities carry sensitive or privileged access that many organizations cannot fully see or control, enabling lateral‑movement attacks. As agentic AI agents proliferate, the attack surface further includes autonomous agents, unmanaged OT devices, and other connected systems in manufacturing, healthcare, and critical infrastructure—areas legacy tools were never designed to guard.
Armis Asset Intelligence Capabilities
Armis delivers continuous, real‑time discovery and tracking of nearly 7 billion devices, covering OT, IoT, medical devices, physical AI, code, and cloud. Its non‑invasive sensors provide granular asset intelligence without disrupting operations, giving enterprises an up‑to‑the‑minute view of their cyber‑physical environment. This depth of visibility is essential for spotting shadow assets, misconfigurations, and anomalous behavior before they can be exploited.
Veza Access Graph and Context Engine
Veza’s Access Graph maps every permission and access path across human, machine, and AI‑agent identities, creating a living inventory of who can do what. When combined with Armis’ asset data, these two graphs feed ServiceNow’s Context Engine—the organizational intelligence layer that links assets and identities to the services, processes, teams, and policies that depend on them. The Context Engine enables automatic risk prioritization, ensuring that security actions focus on the most critical exposures.
AI Control Tower and Automated Remediation
Powered by the Context Engine, ServiceNow’s AI Control Tower turns exposure into automated, policy‑bound remediation. Every recommended action is vetted against business rules, executed through standardized workflows, and logged for full auditability. This closed‑loop approach means that once a risk is detected, the platform can autonomously isolate a vulnerable device, revoke excess privileges, or patch a vulnerability—while providing security leaders with a transparent trace of each step.
Leadership Quotes and Vision
Amit Zavery, President, COO, and CPO of ServiceNow, emphasized that “Most security platforms stop at the alert. ServiceNow closes the loop,” noting that Armis supplies real‑time, contextual awareness into the cyber risk of every asset, including those hidden from conventional tools. Yevgeny Dibrov, co‑founder and CEO of Armis, added that joining ServiceNow—already bolstered by Veza—allows them to “address this mission tenfold” to safeguard the world’s most complex enterprise environments. Their statements underscore a shared vision of proactive, AI‑driven security that governs every action.
Integration, Availability, Partner Opportunities
For existing Armis customers, Armis Centrix now runs with the full backing of ServiceNow’s product, engineering, and go‑to‑market teams, and is already integrated with the ServiceNow AI Platform as a standalone offering—with deeper integration slated for the near term. Customers of both companies can immediately leverage the combined capabilities, while partners can accelerate revenue by tapping into rising demand for agentic AI deployment that requires trust and control at scale. Early adopters include nine of the Fortune 10 and more than 35 % of the Fortune 100, alongside numerous public‑sector and government entities.
AI Center for Cyber Defense
ServiceNow is establishing an AI Center for Cyber Defense—a global hub dedicated to building the next‑generation AI security stack and pioneering the shift from reactive to autonomous, agentic cyber defense. The center will bridge AI research and practical cybersecurity solutions, serve as a definitive resource for enterprise security leaders transitioning to AI‑native postures, and develop expertise to anticipate and neutralize AI‑driven threats before they materialize. This initiative signals ServiceNow’s long‑term commitment to staying ahead of evolving adversarial tactics.
Market Impact and Growth Metrics
Since the acquisition announcement four months ago, Armis has continued to operate independently while maintaining multiple integrations that feed asset intelligence into ServiceNow workflow actions—proving the integration is an acceleration, not a start. Armis’ strong foothold in major enterprises and public sectors, combined with ServiceNow’s security and risk business surpassing $1 billion in annual contract value in Q3 2025, provides a solid foundation for rapid expansion. Together, Armis and Veza are expected to more than triple ServiceNow’s addressable market for security‑risk solutions, positioning the company to capture a larger share of the growing AI‑driven security spend.