ServiceNow in talks to buy Armis, signaling deeper push into cybersecurity - Industrial Cyber

Attacks and Vulnerabilities Critical infrastructure Industrial Cyber Attacks IT/OT Collaboration Malware, Phishing & Ransomware News Vendors ServiceNow in talks to buy Armis, signaling deeper push into cybersecurity December 15, 2025 Software vendor ServiceNow Inc. is reportedly in advanced negotiations to acquire Israeli cybersecurity startup Armis in a deal that could value the company at up to US$7 billion, according to people familiar with the matter. While an announcement could come in the next few days, the talks remain fluid and could still collapse or be disrupted by a competing bidder. Founded to address blind spots created by unmanaged and connected devices, Armis focuses on identifying and tracking security threats across complex environments. Its technology is used in sectors where visibility gaps carry serious consequences, including healthcare, financial services, and defense. Armis offers an agentless device security platform designed to give organizations deep visibility and protection across IT, IoT, OT, IoMT, and cloud environments. By continuously discovering, identifying, and monitoring connected assets, the platform helps organizations assess cyber risk, uncover vulnerabilities, and enforce policy compliance across increasingly complex networks. The latest acquisition talks signal a strategic shift for Armis, marking a move toward a sale rather than a long-anticipated initial public offering. Just last month, the cyber exposure management and security company announced a pre-IPO funding round of $435 million, bringing the company’s valuation to $6.1 billion. The round was led by Growth Equity at Goldman Sachs Alternatives with major participation from CapitalG, and was joined by new investor Evolution Equity Partners, alongside several existing investors. On Monday, reports of the potential acquisition had an immediate impact on ServiceNow’s stock, which fell by nearly 11%. The sharp drop suggests investors are weighing the strategic upside of the deal against the scale of the financial commitment it would require. This acquisition would represent about 4% of ServiceNow’s substantial $179.48 billion market capitalization.  Furthermore, if completed at the reported $7 billion price, this acquisition would represent ServiceNow’s largest M&A transaction to date, significantly expanding its footprint in the cybersecurity sector. Shay Michel, managing partner at Merlin Ventures, pointed out that the acquisition of Armis marks a clear entry by ServiceNow into cybersecurity as an integral part of corporate asset and information management.  “After acquiring Veza, an identity-based security platform, this is a consistent strategic move rather than a one-off,” said Michel. “The choice of Armis stems from its ability to provide full visibility into assets that are not managed by traditional IT systems, critical infrastructure, operational systems, industrial equipment, and IoT sensors. Integrating these capabilities into the ServiceNow platform allows that data to flow directly into the configuration management database (CMDB) and trigger response processes as part of the organization’s operational routine.” Anna Ribeiro Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT. Related Marlink warns surge in satellite spoofing is blinding maritime digital infrastructure, disrupting vessel navigation Stryker rules out ransomware, confirms threat actor used non-propagating malicious file FCC expands Covered List to block high-risk routers and drones, tighten ban on foreign-made connectivity devices Tenable Hexa AI brings agentic automation to exposure management across IT, OT and AI environments NIST expands CSF 2.0 toolkit with quick-start guides aligning cyber risk, risk management, workforce strategy PwC Annual Threat Dynamics 2026 discloses that identity attacks surge as AI reshapes cyber threat landscape Forescout achieves FedRAMP high ATO, strengthens security for converged IT, OT and IoT networks Darktrace introduces Adaptive Human Defense to personalize security training and protection across organizations NetRise Provenance launched to expose open source contributor risk, map impact across software supply chains ISA opens call for ISA113 committee to tackle industrial workflow interoperability challenges across industrial systems