ServiceNow announced it will acquire cybersecurity firm Armis for $7.75 billion, a deal expected to close in the second half of 2026 that will merge the workflow giant’s configuration management database with Armis’ real-time asset discovery capabilities. The acquisition aims to triple ServiceNow’s $1 billion annual security revenue while providing enterprises with an integrated platform to identify vulnerabilities, prioritize risks and automate remediation workflows across IT, operational technology and cloud environments.
The deal represents ServiceNow’s most aggressive security play to date, combining its existing CMDB with Armis’ data discovery tools to eliminate what ServiceNow calls the “patchwork of software solutions” enterprises currently deploy to secure their estates. With Armis bringing 950 employees, $340 million in annual recurring revenue and recognition as a 2025 Gartner Magic Quadrant leader for cyber-physical systems protection platforms, the acquisition positions ServiceNow to address a rapidly expanding market.
Integration Imperatives for ERP and Enterprise Architecture Leaders
For technology executives managing ERP landscapes, the ServiceNow-Armis combination addresses a persistent challenge: bridging the gap between IT service management platforms and the security posture of business-critical systems. Organizations already integrating ServiceNow with SAP environments for change management and incident tracking will need to evaluate how Armis’ asset intelligence capabilities enhance visibility into ERP vulnerabilities and integration points.
The cyber-physical systems market, where Armis operates, has become increasingly relevant to ERP environments as manufacturing, healthcare and industrial enterprises connect operational technology to enterprise systems. Armis Centrix, the company’s exposure management platform, claims to discover up to 75% of vulnerabilities without traditional network scans, using selective queries and micro-agents to minimize infrastructure disruption.
Enterprises evaluating vulnerability management platforms should prioritize several criteria including:
- The ability to provide unified visibility across IT and OT assets without requiring separate point solutions
- Integration depth with existing ITSM workflows
- Automation capabilities that connect risk identification to remediation workflows.
ServiceNow’s acquisition of Data.World and Veza suggests the company is building a data governance layer to handle the massive volumes of asset and vulnerability data that Armis will generate.
Integration patterns between ServiceNow and ERP systems typically follow event-driven architectures with careful governance around which system serves as the record of truth. For security and asset management, organizations designate ServiceNow as the enterprise governance platform while keeping SAP or other ERP systems as the technical execution environment.
The challenge for ERP teams will be determining how to incorporate Armis’ vulnerability intelligence into existing change management and patching processes. SAP customers face persistent difficulties with security patch management, driven by downtime constraints and validation complexity. Automated risk-based analysis and testing capabilities, potentially enabled by the combination, could address these chronic patching backlogs.
What This Means for ERP Insiders
Security becomes a workflow, not a silo. ServiceNow’s $7.7 billion bet on Armis reflects a fundamental shift in enterprise architecture strategy: security intelligence must flow directly into business process automation. For ERP vendors and systems integrators, this signals that vulnerability management capabilities will increasingly be evaluated based on their integration depth with ITSM platforms rather than as standalone security tools.
Asset intelligence becomes foundational to digital transformation. The combination of ServiceNow’s CMDB with Armis’ asset discovery positions real-time asset intelligence as critical infrastructure for AI-driven automation. Enterprise architects must now account for continuous asset visibility across IT, OT and IoT environments as a prerequisite for agentic workflows. This shifts asset management from a compliance exercise to a strategic data layer that enables autonomous decision-making in procurement, change management and capacity planning.
Integration complexity will differentiate implementation partners. ServiceNow’s acquisition spree, including six deals in 2025 such as Armis, Veza and Data.World, creates integration challenges that will separate capable systems integrators from the rest. ERP implementation partners must develop competencies in orchestrating ServiceNow workflows with SAP change management, vulnerability remediation processes and identity governance frameworks.
