ServiceNow Confirms $7.75B Acquisition of Armis; Enterprise Security Strategy Gains New Scale

What happened

ServiceNow announced that it has agreed to acquire cybersecurity company Armis for approximately $7.75 billion in cash in what will be the largest acquisition in the company’s history. Armis, known for device and connected asset security across IT, OT, IoT, and medical environments, will be integrated into ServiceNow’s broader security and risk platform. The transaction is expected to close in the second half of 2026, subject to regulatory approvals and customary conditions.

Who is affected

• ServiceNow customers and partners who leverage its platform for IT service management, security operations, and risk workflows.
• Armis customers whose technology and support relationships may transition as part of the acquisition.
• Enterprise security teams evaluating integrated versus best‑of‑breed cybersecurity tooling. 
• The broader cybersecurity vendor ecosystem, where consolidation pressures are increasing.

Why CISOs should care

1. Strategic platform expansion: ServiceNow’s acquisition of Armis underscores a shift toward embedding deeper cyber exposure and device security capabilities directly within enterprise workflow platforms. This could influence long‑term sourcing decisions around security tooling and integration strategies. 
2. Device and asset risk visibility: Armis brings real‑time discovery and risk prioritization for unmanaged devices, a growing blind spot for many organizations as IoT and operational technology proliferate.
3. Market consolidation dynamics: Large M&A activity in cybersecurity can accelerate consolidation, with implications for innovation, pricing, and contractual flexibility that CISOs should monitor as they architect security stacks.

3 Practical actions

1. Re‑assess platform reliance: Review your organization’s dependency on single‑vendor security platforms versus modular toolsets. Model cost, capabilities, and risk implications if roadmap priorities shift after acquisition.
2. Validate asset visibility coverage: Conduct a gap analysis of visibility across IT, OT, IoT, and connected devices, ensuring your security program incorporates real‑time monitoring and prioritization regardless of vendor.
3. Engage cross‑functional stakeholders early: If you use ServiceNow or Armis solutions, start discussions with procurement, IT, and security operations about potential change impacts to contracts, support, and integrations.

Related insight: This deal builds on ServiceNow’s broader cybersecurity strategy, which earlier in 2025 included its acquisition of Veza, a move emphasizing identity governance and access management as part of an integrated security framework.