ServiceNow Buys Armis, Widens Security Play for Partners

ServiceNow has agreed to acquire cyber exposure management firm Armis in an all-cash transaction valued at approximately $7.75 billion, marking the largest acquisition in the workflow automation vendor’s history and a significant escalation of its security ambitions.

For channel partners, the acquisition underscores a broader industry shift toward converged platforms that tie security outcomes directly to automated remediation, governance, and business context.

A platform-driven security play with channel implications

Long known for IT service management and workflow automation, ServiceNow has steadily expanded into security and risk management as enterprises look to reduce tool sprawl and operational silos. 

The Armis acquisition follows recent moves by ServiceNow to broaden its security footprint, including investments in identity security and AI automation.

For MSPs and solution providers, the move reinforces ServiceNow’s intent to position its platform as a central system of action — not just for IT operations, but for security exposure, response, and compliance workflows across hybrid environments.

“Security is paramount. When we are thinking about the platform and our products, we are always thinking AI first. Then we are thinking security first. There is no second,” ServiceNow SVP of Digital Business Services and Experiences Sankha Nagchoudhury told Channel Insider in November. 

“So AI first, security first, and protecting data is very critical as well. We are in critical business, in government, in financials, so that protection becomes key,” he continued.

ServiceNow says deal will expand how the platform embeds security into operations

ServiceNow executives framed the deal as a way to embed security more deeply into day-to-day operations, rather than treating it as a standalone function. 

By integrating Armis’ data into its platform, ServiceNow aims to help organizations identify risks and act on them faster, using automation rather than manual processes.

“ServiceNow is building the security platform of tomorrow,” said Amit Zavery, president, chief operating officer, and chief product officer at ServiceNow, in a statement. 

“In the agentic AI era, intelligent trust and governance that span any cloud, any asset, any AI system, and any device are non-negotiable if companies want to scale AI for the long-term. Together with Armis, we will deliver an industry-defining strategic cybersecurity shield for real-time, end-to-end proactive protection across all technology estates. Modern cyber risk doesn’t stay neatly confined to a single silo, and with security built into the ServiceNow AI Platform, neither will we.”

Why cyber exposure management matters for MSPs and critical infrastructure partners

Founded in 2015, Armis specializes in cyber exposure management and cyber-physical security, offering continuous visibility across IT, operational technology (OT), IoT, medical devices, and unmanaged or hard-to-see assets.

ServiceNow said the combination of the two platforms will allow customers to connect Armis’ asset and threat intelligence directly to ServiceNow’s automated workflows for incident response, remediation, and governance.

The integration is expected to feed Armis data into ServiceNow’s configuration management database (CMDB), providing security teams with richer business context around risk. 

For MSPs, that visibility can translate into new managed security offerings tied to asset monitoring, risk scoring, and compliance support, particularly in highly regulated or mission-critical sectors.

AI-era security bets reshape ServiceNow’s partner strategy

ServiceNow framed the acquisition as part of its response to an AI-driven threat landscape, where expanding attack surfaces and connected devices increase organizational risk. It is also the latest in a string of major announcements the company has made throughout the course of 2025.

ServiceNow updated its partner program in January and invested heavily in the AI-first expansion of its platform throughout the year.

The channel, in turn, noticed the end-user demand for ServiceNow-specific services. 

Providers began acquiring consultancy and services firms to bolster their ServiceNow ecosystem approaches, a sign that the channel is responding to the moves the IT giant is making.

From Armis’ perspective, joining ServiceNow offers scale and reach, particularly in the public sector and critical infrastructure markets where both companies already have strong customer footprints.

“AI is transforming the threat landscape faster than most organizations can adapt. Every connected asset has become a potential point of vulnerability,” said Yevgeny Dibrov, co-founder and CEO of Armis, in a statement. 

“We built Armis to protect the most critical environments and give both public and private sector organizations the real-time intelligence they need to stay ahead – so they can see their entire environment clearly, understand risk in context, and take action before an incident occurs. Together with ServiceNow, customers will have a powerful new way to reduce their exposure and strengthen security at scale.”

What the acquisition means for ServiceNow customers and partners

ServiceNow said it plans to maintain continuity for existing Armis customers and partners while expanding joint go-to-market opportunities over time. 

The deal is expected to close at some point in 2026, pending standard regulatory approvals and customary closing conditions.

What partners should watch:

• How quickly Armis’ capabilities are integrated into ServiceNow security workflows
• Whether ServiceNow introduces new partner incentives tied to security and risk use cases
• Increased demand for OT, IoT, and cyber-physical security services
• Greater emphasis on outcome-based security delivery over point products

“In the era of AI and agents, the benefits and value will be enormous, but so is the complexity,” said Larry Feinsmith, head of global tech strategy, innovation, and partnerships at JPMorgan Chase. “The combination of ServiceNow and Armis provides a dynamic picture of an enterprise’s connected technology assets and an AI and agentic powered blueprint to secure and enable trusted AI.”

As platform consolidation accelerates across the security market, ServiceNow’s Armis acquisition signals a clear message to the channel: security, workflows, and AI are converging — and partners will be expected to deliver across all three.