What happened: At ServiceNow’s Knowledge 2026 event, the company announced “Autonomous Security & Risk,” combining Armis’ asset intelligence with Veza’s identity governance to map identities, permissions, and connected assets as AI agents multiply inside enterprises.

Why it matters: Because agents don’t “use your systems,” they impersonate your permissions. The press release argues non-human identities already outnumber human ones, and that most companies can’t answer who approved access, why it exists, or whether it’s still valid.

Wider context: This is the agent era’s boring-but-decisive control plane: asset inventory + identity graphs + workflow automation. If you can’t see what exists or who can touch it, “autonomous work” is just a faster way to automate the wrong thing.

Background: The release says ServiceNow’s security and risk business crossed $1 billion in annual contract value last year, and pitches a “single graph” approach that supports real-time prevention, detection, response, and audit trails for boards and regulators.

ServiceNow launches Autonomous Security & Risk, integrating Armis and Veza to govern every AI agent, identity, and connected asset — Las Vegas Sun (Business Wire)

Singularity Soup Take: Every vendor is selling “AI agents.” ServiceNow is selling the leash, the paperwork, and the surveillance footage. That’s not a joke — it’s the actual market structure: the winners will be whoever turns agent chaos into something a CISO can sign without crying.

Key Takeaways:

• Identity First: Veza’s “Access Graph” is described as a real-time map of access relationships across human and non-human identities, aiming to enforce least privilege and trigger remediation as context changes and agents multiply.
• Visibility Gap: Armis is positioned as the way to see the full connected asset surface (IT, OT, IoT, cloud, medical equipment, and now AI agents), feeding a live inventory into ServiceNow’s CMDB rather than a static spreadsheet of wishful thinking.
• Proof, Not Promises: The release claims customer results like eliminating 96% of dormant non-human identities and cutting threat containment time by 97%, framing governance as measurable operational work rather than “responsible AI” vibes.