ServiceNow Completes Acquisition of Armis, Closing the Gap in Asset Visibility and Cyber Risk
ServiceNow has finalized its acquisition of Armis, significantly enhancing real-time discovery and protection across all connected assets from OT to cloud, providing a secure foundation for scalable Agentic AI deployments.
📋 Article Processing Timeline
- 📰 Published: April 22, 2026 at 22:00
- 🔍 Collected: April 23, 2026 at 00:02 (2h 2m after Published)
- 🤖 AI Analyzed: April 24, 2026 at 04:56 (28h 54m after Collected)
Integrating Armis strengthens real-time discovery, prioritization, and protection of cyber assets across IT, OT, IoT, medical devices, physical AI, critical infrastructure, code, and the cloud.
The acquisition of Armis is expected to more than triple ServiceNow's market opportunity in security and risk solutions.
*This document is an abridged translation of a press release announced by ServiceNow, Inc. in the US on April 20, 2026 (US time).
ServiceNow (NYSE: NOW), the "AI control tower" for business transformation, today announced it has completed its acquisition of Armis. Armis, a leading cyber exposure management and security company, provides a comprehensive AI-powered solution that visualizes, protects, and manages cyber risk in real-time across all connected assets, from OT, IoT, medical devices, and physical AI to code and the cloud. This acquisition extends ServiceNow's security platform to the physical and operational layers of organizations. This strengthens the foundation and business context of an organization's cyber asset intelligence, which are essential elements for deploying agentic AI at scale with reliability and control.
The completion of the Armis acquisition follows the acquisition of Veza in March 2026. Veza brings AI-native identity intelligence to the ServiceNow AI Platform, providing continuous visibility into 'who and what' has access to any digital and connected resource. With the acquisition of Armis, ServiceNow's identity intelligence and cyber exposure management capabilities will strongly back critical pre- and post-breach security outcomes as organizations deploy agentic AI at scale. While Armis provides real-time visibility and protection across all connected cyber assets, Veza maps all permissions and access relationships across human, machine, and AI agent identities.
Bridging the Gap Between Visibility and Cyber Risk
Security teams operating stacks of fragmented point solutions have long faced structural challenges. Historically, tools that manage risk could not execute remediation actions, and tools that remediate cyber risk could not see the big picture. As a result, a gap has widened between detection and response, dramatically increasing the risk of security incidents in the age of agentic AI.
Stolen credentials remain the primary entry point for attackers (1), and this problem is worsening. Today, machine identities outnumber human identities by more than 80 to 1. Furthermore, while approximately half of these hold sensitive access permissions or special rights, most organizations lack complete visibility and control over them, creating a vector for lateral movement attacks (an attack method that moves laterally across a network to expand the scope of a breach) (2). As organizations accelerate their use of agentic AI, the attack surface expands further to include autonomous agents, unmanaged OT devices, and other connected systems across manufacturing, healthcare, and critical infrastructure. These are areas that traditional security tools were not designed to handle.
ServiceNow's advantage lies in its architecture. Through non-intrusive discovery, Armis tracks approximately 7 billion devices in real-time, including OT, IoT, medical devices, physical AI, code, and the cloud, delivering continuous, real-time visibility, management, and security across all connected cyber assets. Meanwhile, Veza's 'Access Graph' visualizes all permissions held by human, machine, and AI agent identities across systems. Both of these graphs power ServiceNow's 'Context Engine.' The Context Engine is organizational intelligence that maps assets and identities to the services, processes, teams, and policies that depend on them, thereby grounding every AI action in business reality. As a result, risk prioritization is automated, and remediation occurs autonomously. All actions are auditable and constrained by policy.
The acquisition of Armis is expected to more than triple ServiceNow's market opportunity in security and risk solutions.
*This document is an abridged translation of a press release announced by ServiceNow, Inc. in the US on April 20, 2026 (US time).
ServiceNow (NYSE: NOW), the "AI control tower" for business transformation, today announced it has completed its acquisition of Armis. Armis, a leading cyber exposure management and security company, provides a comprehensive AI-powered solution that visualizes, protects, and manages cyber risk in real-time across all connected assets, from OT, IoT, medical devices, and physical AI to code and the cloud. This acquisition extends ServiceNow's security platform to the physical and operational layers of organizations. This strengthens the foundation and business context of an organization's cyber asset intelligence, which are essential elements for deploying agentic AI at scale with reliability and control.
The completion of the Armis acquisition follows the acquisition of Veza in March 2026. Veza brings AI-native identity intelligence to the ServiceNow AI Platform, providing continuous visibility into 'who and what' has access to any digital and connected resource. With the acquisition of Armis, ServiceNow's identity intelligence and cyber exposure management capabilities will strongly back critical pre- and post-breach security outcomes as organizations deploy agentic AI at scale. While Armis provides real-time visibility and protection across all connected cyber assets, Veza maps all permissions and access relationships across human, machine, and AI agent identities.
Bridging the Gap Between Visibility and Cyber Risk
Security teams operating stacks of fragmented point solutions have long faced structural challenges. Historically, tools that manage risk could not execute remediation actions, and tools that remediate cyber risk could not see the big picture. As a result, a gap has widened between detection and response, dramatically increasing the risk of security incidents in the age of agentic AI.
Stolen credentials remain the primary entry point for attackers (1), and this problem is worsening. Today, machine identities outnumber human identities by more than 80 to 1. Furthermore, while approximately half of these hold sensitive access permissions or special rights, most organizations lack complete visibility and control over them, creating a vector for lateral movement attacks (an attack method that moves laterally across a network to expand the scope of a breach) (2). As organizations accelerate their use of agentic AI, the attack surface expands further to include autonomous agents, unmanaged OT devices, and other connected systems across manufacturing, healthcare, and critical infrastructure. These are areas that traditional security tools were not designed to handle.
ServiceNow's advantage lies in its architecture. Through non-intrusive discovery, Armis tracks approximately 7 billion devices in real-time, including OT, IoT, medical devices, physical AI, code, and the cloud, delivering continuous, real-time visibility, management, and security across all connected cyber assets. Meanwhile, Veza's 'Access Graph' visualizes all permissions held by human, machine, and AI agent identities across systems. Both of these graphs power ServiceNow's 'Context Engine.' The Context Engine is organizational intelligence that maps assets and identities to the services, processes, teams, and policies that depend on them, thereby grounding every AI action in business reality. As a result, risk prioritization is automated, and remediation occurs autonomously. All actions are auditable and constrained by policy.