ServiceNow Strengthens Cybersecurity Arsenal with Strategic Veza Acquisition
The ServiceNow Purchase marks a major step in strengthening enterprise identity security as the company integrates Veza’s advanced capabilities.
ServiceNow revealed on December 2, 2024, its plan to acquire identity security specialist Veza, marking a decisive move to enhance protection against AI-powered cyber threats targeting enterprise identity systems. The acquisition positions the workflow automation giant to address one of cybersecurity’s most critical vulnerabilities as organizations navigate increasingly complex digital environments.
ServiceNow Acquisition Targets Identity Crisis
The transaction will integrate capabilities into ServiceNow’s Security and Risk portfolios, focusing specifically on identity security—an area at the forefront of contemporary security breaches. Modern enterprises face mounting challenges managing diverse identity types, including employees, partners, systems, applications, and autonomous AI agents, creating exploitable gaps that threat actors increasingly target with sophisticated attacks.
The strategic rationale centers on Veza’s patented Access Graph technology, which maps and analyzes access relationships across human, machine, and AI identities, providing comprehensive visibility that legacy security solutions cannot match. This capability becomes essential as businesses deploy agentic AI systems requiring granular permission controls and continuous monitoring to prevent unauthorized access to critical data assets.
Access Graph Technology Drives Integration Value
Amit Zavery, ServiceNow’s president, chief operating officer, and chief product officer, emphasized that continuous visibility into each identity’s permissions is essential for trust in the agentic AI era. The combination of Veza’s Access Graph with ServiceNow’s AI Control Tower creates a unified governance framework capable of managing identity risks across entire organizational ecosystems.
The Access Graph platform delivers a single dashboard enabling security teams to identify and remediate overly broad permissions across both human and machine identities, including AI agents. This scalable architecture supports next-generation identity governance and administration capabilities, including access reviews, access requests, and permission updates that traditional point solutions fail to provide.
The acquisition enhances ServiceNow’s existing security products by adding critical identity context to Vulnerability Response, Incident Response, and Integrated Risk Management solutions. Organizations gain clearer visibility into which identities associate with specific exposures, incidents, or risk events, enabling faster remediation and more effective threat containment.
Enterprise Adoption Signals Market Validation
Founded in 2020, Veza serves nearly 150 global enterprise customers across banking, hospitality, and fast-moving consumer goods sectors with 230 employees globally. The company previously raised $235 million in total funding, with its April 2025 Series D round valuing the business at $808 million, according to multiple industry reports.
John Stecher, chief technology officer at Blackstone, stated his firm already utilizes both platforms, with ServiceNow powering horizontal workflows while Veza enforces least privilege at scale. This existing integration demonstrates the complementary nature of the two platforms and suggests smooth consolidation potential.
The transaction addresses growing enterprise demands for unified identity security as organizations scale AI deployments. With AI agents capable of autonomous actions across systems, robust identity governance becomes fundamental to maintaining security posture without sacrificing operational velocity or innovation capacity.
Regulatory Scrutiny and Integration Timeline
The transaction requires customary regulatory approvals and closing conditions, with no disclosed financial terms. Industry sources suggest the deal values Veza above $1 billion, representing a premium over its most recent fundraising valuation and reflecting strategic importance in the rapidly evolving identity security market.
Post-acquisition, Veza’s identity visibility, intelligence, and governance capabilities will integrate throughout ServiceNow’s security portfolio. The combined platform aims to deliver context-rich identity governance frameworks essential for organizations embracing autonomous AI capabilities while managing regulatory compliance requirements across jurisdictions.
Tarun Thakur, CEO of Veza, stated the partnership will help customers embrace AI with greater confidence by providing clear, integrated control over every identity type—whether belonging to persons, machines, or AI agents. This vision aligns with ServiceNow’s broader strategy positioning itself as the AI control tower for business reinvention.
The ServiceNow acquisition represents a significant consolidation trend within the identity security sector, as platform vendors seek comprehensive capabilities to address the expanding attack surface created by hybrid work models, cloud infrastructure, and AI system proliferation. Organizations increasingly recognize that identity has become the new security perimeter, requiring sophisticated visibility and control mechanisms that legacy approaches cannot deliver.
