ServiceNow opens $7.7B ticket titled ‘Buy security company, make it Armis’

Steven

ServiceNow opens $7.7B ticket titled ‘Buy security company, make it Armis’

Summary

ServiceNow has agreed to acquire cybersecurity firm Armis for about $7.75 billion, a deal expected to close in the second half of 2026 and financed with cash and debt. The plan is to fold Armis’ real-time device discovery and security intelligence into ServiceNow’s Configuration Management Database (CMDB) to let organisations see vulnerabilities, prioritise risk and close issues with automated workflows.

The move is part of a broader acquisition streak from ServiceNow this year (including Veza and Data.World) aimed at beefing up security, data and AI capabilities. ServiceNow currently does around $1bn in security revenue and expects the Armis purchase to significantly increase that figure. Armis brings about $340m ARR, 950 employees and a position as a 2025 Gartner leader in cyber-physical systems protection.

Key Points

  1. ServiceNow will buy Armis for $7.75 billion; close expected in H2 2026 and financed with a mix of cash and debt.
  2. Armis’ device discovery and real-time security intelligence will be joined with ServiceNow’s CMDB to surface vulnerabilities and automate remediation workflows.
  3. ServiceNow hopes the acquisition will materially increase its security revenue (currently ~ $1bn annually).
  4. Armis: c.950 employees, ~$340m ARR, recognised in Gartner’s 2025 Magic Quadrant for Cyber-Physical Systems Protection Platforms.
  5. The deal follows other buys (Veza, Data.World, Cueln, Logik.ai, Quality 360) signalling a strategic push into data, identity and AI-driven security operations.
  6. Analysts (Forrester) see the acquisition as a major capability expansion — more discovery data plus Data.World’s governance gives ServiceNow more fuel for AI and strategic data use.

Context and Relevance

This acquisition is a clear example of platformification of security: ITSM vendors are moving beyond ticketing to become the control plane for security and operational data. By marrying Armis’ visibility across IT, OT and medical devices with ServiceNow’s workflow engine and CMDB, customers could get fewer point products and more integrated detection-to-remediation paths.

For CISOs, IT ops and platform buyers it matters because it changes vendor selection: organisations that already use ServiceNow may gain more seamless security automation, while competitors will need to respond. It also underscores a broader industry trend — consolidating telemetry, governance and AI capabilities to speed incident response and reduce risk across diverse device fleets.

Why should I read this?

Short version: if you care about enterprise security, ITSM or vendor consolidation, this is one to skim. ServiceNow just pumped nearly $8bn into a company that sees everything on the network — that could save your team time and reduce noisy tool sprawl, or it could lock you into one vendor. Either way, it shapes where enterprise security tooling is headed next.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2025/12/23/servicenow_to_buy_armis_in/