ServiceNow’s Bold Leap into Cybersecurity: What the Armis Acquisition Really Means
In a move that’s sending ripples through the tech and cybersecurity worlds, ServiceNow’s acquisition of Armis isn’t just another corporate deal—it’s a game-changer. But here’s where it gets controversial: is this a strategic masterstroke or a risky bet on the future of integrated security? Let’s dive in.
Shay Michel, managing partner at Merlin Ventures, breaks it down: “The acquisition of Armis marks a clear entry by ServiceNow into cybersecurity, not as a sideline, but as a core component of corporate asset and information management.” ServiceNow, already a giant in enterprise software, is in advanced talks to acquire Israeli cybersecurity firm Armis for a staggering $7 billion. This isn’t just about expanding their portfolio—it’s about redefining how organizations manage security, assets, and risk in one seamless platform.
And this is the part most people miss: Armis isn’t just another cybersecurity company. It specializes in providing visibility into assets that traditional IT systems overlook—think critical infrastructure, operational systems, industrial equipment, and IoT sensors. By integrating Armis into its platform, ServiceNow can funnel this data directly into its configuration management database (CMDB), enabling real-time response processes as part of an organization’s daily operations. It’s not just about security; it’s about operational efficiency.
Michel highlights that this move is part of a broader strategy, not a one-off purchase. “After acquiring Veza, an identity-based security platform, this acquisition reinforces ServiceNow’s commitment to embedding security into its core offerings,” he explains. For the federal market, this is huge. ServiceNow, already a major player in both private and federal sectors, can now offer a unified platform that bridges the gap between IT and cybersecurity—a gap that’s often exploited by attackers.
But let’s talk about Israel’s role in all this. Israel is a cybersecurity powerhouse, home to innovators like Armis and global funds like Andreessen Horowitz and Lightspeed. So, where does Merlin Ventures fit in? Michel clarifies: “Merlin isn’t just another fund. We started 25 years ago helping companies sell into the U.S. federal market. Today, we’re a major distributor, driving hundreds of millions in revenue for companies like Palo Alto Networks and CyberArk.” In 2019, Merlin’s founder, David Phelps, recognized Israel’s dominance in cybersecurity innovation and established a local presence. Merlin typically leads Seed rounds, often alongside heavyweights like Andreessen, Greylock, and Lightspeed.
Here’s the kicker: The U.S. federal market, worth about $300 billion, is a goldmine for Israeli startups—but it’s notoriously hard to crack. Selling to the government requires certifications like FedRAMP, a process that can take years and cost millions. Merlin’s CGC platform slashes that timeline to months. In the past year alone, they’ve helped Israeli companies generate over $100 million in revenue through this channel. “That’s where the real money is,” Michel emphasizes.
But with great opportunity comes great risk. The surge in mega Seed rounds at sky-high valuations has Michel cautious. “Some companies are raising capital at 100 or even 200 times revenue. Early-stage startups are being valued higher than public cybersecurity companies generating hundreds of millions annually. That’s a dangerous dynamic,” he warns. Is the market heading for a correction? Michel predicts a recalibration within two to three years, with funds investing just to ‘have a seat at the table’ being the most vulnerable.
And here’s a thought-provoking question: Are we in a cyber-AI bubble? Michel draws a parallel to the cloud transition of 2012-2017, where security concerns slowed adoption. Cybersecurity companies enabled that shift, and he sees the same pattern with AI today. “Cybersecurity firms that make AI safe for organizational use will unlock widespread adoption,” he says. AI is also becoming central to the U.S. federal agenda, with the government investing heavily in defending against AI-driven and quantum threats. Israeli companies offering credible AI cybersecurity solutions could fast-track to massive Washington contracts.
For Israeli founders, Michel’s advice is clear: “Don’t just build technology—build go-to-market capabilities. Aim for tens of millions in revenue from day one. Companies that aren’t in the market don’t learn how to improve.”
So, is ServiceNow’s acquisition of Armis a strategic masterpiece or a risky gamble? And what does this mean for the future of cybersecurity, AI, and the federal market? Let’s hear your thoughts in the comments—agree or disagree, the conversation starts here.
