ServiceNow has announced plans to acquire Veza, a company specialising in identity security. This acquisition is set to enhance the capabilities of ServiceNow’s Security and Risk portfolios by integrating identity security, a critical front in contemporary cybersecurity. The move will empower organisations to better control access to their key data, applications, systems, and AI artifacts.
As businesses increasingly leverage autonomous AI solutions, the collaboration between Veza and ServiceNow aims to bolster identity security through the principle of least privilege, thereby reducing business risk.
Identity and access management
Modern businesses face the challenge of managing a wide array of identities, which include employees, partners
Modern businesses face the challenge of managing a wide array of identities which include employees, partners, systems, devices, and AI agents. As threat actors employ sophisticated tools like agentic AI, enterprises require robust identity and access control measures to align permissions with roles and regulatory demands.
Veza provides a unified, AI-native approach using its patented Access Graph. This technology maps access relationships among human, machine, and AI identities, creating a platform that offers comprehensive visibility and risk control, integrated into all layers of identity management.
The era of agentic AI
“In the era of agentic AI, every identity — human, AI agent, or machine — is a force for enterprise impact. It’s only when you have continuous visibility into each identity’s permissions that you can trust it,” said Amit Zavery, president, chief operating officer, and chief product officer at ServiceNow.
By merging Veza’s Access Graph with ServiceNow’s AI Control Tower, organisations gain a unified interface to manage all identities, enabling safer access decisions and protecting valuable data assets from AI-driven threats.
Enhancing identity governance
Through union with ServiceNow, identity control and security will become strategic advantages
“Veza was built to make identity security transparent, scalable, and effective for every organisation,” stated Tarun Thakur, CEO of Veza.
Through collaboration with ServiceNow, identity governance and security will become strategic advantages, offering organisations integrated control over a diverse range of identities, including those of machines and AI agents.
Strengthening enterprise identity security
Veza’s Access Graph introduces an AI-led perspective on identity security, providing organisations with a centralised platform to manage and adjust permissions efficiently.
This scalable solution supports comprehensive identity governance capabilities such as access reviews and requests, and delivers visibility unmatched by older systems. John Stecher, Chief Technology Officer at Blackstone, notes that this partnership will enhance enterprise workflows through smarter access management and seamless deprovisioning.
Integration with ServiceNow platforms
ServiceNow's AI Control Tower benefits from enhanced identity governance, controlling what AI agents can access
By integrating Veza’s technologies, ServiceNow's AI Control Tower benefits from enhanced identity governance, controlling what AI agents can access and perform across enterprises.
This integration also enriches ServiceNow’s existing Security and Risk products, such as Vulnerability Response and Incident Response, by adding vital identity context, thereby improving exposure management and risk reduction capabilities.
Mitigating cyber risk and enhancing security
Through this collaboration, Veza aims to augment ServiceNow’s identity security offerings with comprehensive visibility into access controls, facilitating consistent governance across applications.
A shared foundation enhances agentic AI operations, ensuring they remain compliant with enterprise policies. This trusted identity layer is crucial for safe, scalable operations in an AI-driven world, providing enterprises centralised oversight over AI actions across their networks.
Veza, established in 2020, boasts nearly 150 enterprise clients in sectors such as banking and hospitality, supported by 230 employees worldwide. After the acquisition’s closure, Veza’s identity visibility and governance features are expected to be integrated into ServiceNow’s security portfolio, pending regulatory approval and completion of transaction conditions.
ServiceNow, the AI control tower for business reinvention, announced its intent to acquire Veza, a pioneer in identity security. The acquisition will extend the capabilities of ServiceNow’s Security and Risk portfolios into one of cybersecurity’s most important areas that is at the forefront of every breach now – Identity Security.
This will enable organisations to understand and control who and what has access to their critical data, applications, systems, and AI artifacts. As businesses take advantage of autonomous capabilities made possible through agentic AI, Veza and ServiceNow will enable end-to-end identity security rooted in the principle of least privilege that significantly reduces enterprise risk.
Layer of identity and access management
Modern enterprises must manage a diverse array of identities, including employees, partners, systems, applications, devices, and increasingly, autonomous AI agents. As threat actors adopt agentic AI to orchestrate ever more sophisticated attacks, enterprises need strong identity and access controls and governance to ensure permissions remain tightly aligned with evolving roles, regulatory requirements, and advancing technologies.
Veza’s modern, unified, AI-native approach is powered by its patented Access Graph, which maps and analyzes access relationships across human, machine, and AI identities, providing an end-to-end access visibility and risk control platform for all types of identity. This foundation embeds governance into every layer of identity and access management, giving security teams granular visibility and control to manage complexity with confidence and to put AI to work securely across every corner of their business.
Era of agentic AI
“In the era of agentic AI, every identity — human, AI agent, or machine — is a force for enterprise impact. It’s only when you have continuous visibility into each identity’s permissions that you can trust it,” said Amit Zavery, president, chief operating officer, and chief product officer at ServiceNow.
“By combining Veza’s industry-first Access Graph with ServiceNow’s AI Control Tower and agentic workflows, we can give customers a true single pane of glass, with control of every identity in their organisation. Together, we’ll empower CISOs and security teams to make safer access decisions that protect their businesses, and to defend their high-value data assets from AI-powered attacks.”
Identity governance and identity security
“Veza was built to make identity security transparent, scalable, and effective for every organisation,” said Tarun Thakur, CEO of Veza.
“With ServiceNow, we will help customers embrace AI with greater confidence. Together, we can turn identity governance and identity security into a strategic advantage by giving organisations clear, integrated control over every type of identity — whether it belongs to a person, a machine, or an AI agent.”
Strengthening identity security across the enterprise
Veza’s Access Graph brings an AI-native approach to identity security, giving organisations a single dashboard to quickly spot and remedy overly broad permissions across both human and machine identities, including AI agents. Its scalable platform supports full next-generation IGA capabilities, including access reviews, access requests, and an access hub, along with permission updates and end-to-end visibility that legacy solutions can’t match.
“ServiceNow powers our horizontal business workflows, while Veza enforces least privilege and adds identity access intelligence at scale,” said John Stecher, Chief Technology Officer at Blackstone. “Together, they'll enable more secure and scalable workflows for enterprise businesses with smarter access management, ongoing access reviews, and seamless deprovisioning. The combined platform will provide a context-rich identity governance framework that will be key in the age of agentic AI.”
ServiceNow Security and Risk products
By integrating with ServiceNow’s strength in workflows, knowledge graphs, and AI, Veza also enhances the ServiceNow AI Control Tower by governing what AI agents can access and do across enterprises. Veza also adds critical identity context to existing ServiceNow Security and Risk products, including Vulnerability Response, Incident Response, and Integrated Risk Management, giving customers a clearer view of who and what is associated with an exposure, incident, or risk event.
As identity security becomes a core pillar of ServiceNow’s Security Operations, Veza strengthens exposure management, incident response, and integrated risk management capabilities.
Minimizing customers’ exposure and cyber risk with integrated identity security
Veza will strengthen ServiceNow’s identity security services with deep cross-platform visibility into who and what has access, enabling consistent and auditable access governance across connected applications. That shared foundation is critical for agentic AI, helping ensure autonomous actions stay aligned with enterprise policies.
This gives ServiceNow the trusted identity layer agents need to act safely at scale, which is essential to winning in an agentic AI world. With richer identity visibility, enterprises can centrally govern, monitor, and enforce AI access and actions across their entire ecosystem. Veza also complements existing identity features on the ServiceNow AI Platform, like Machine Identity Console, by offering better visibility and simpler management as businesses scale with AI.
Veza’s identity visibility, intelligence & governance capabilities
Founded in 2020, Veza serves nearly 150 global enterprise customers in banking, hospitality, and fast-moving consumer goods (FMCG), with 230 employees globally.
After this transaction closes, Veza’s identity visibility, intelligence & governance capabilities will be incorporated into ServiceNow’s security portfolio. The transaction is subject to customary regulatory approvals and closing conditions.
