Analyst(s): Fernando Montenegro
Publication Date: July 7, 2026
ServiceNow and Accenture have launched a joint offering that combines managed security services with AI-powered migration off legacy risk platforms. Read against ServiceNow’s Armis and Veza acquisitions, it looks less like an AI feature and more like a bid to become the enterprise risk platform of record.
What Is Covered in This Article:
- ServiceNow and Accenture launched a joint offering that pairs managed security services on the ServiceNow AI Platform with an Accenture AI tool for migrating from legacy risk platforms.
- The offering spans integrated and third-party risk, operational technology risk brought onto the same platform as IT, and AI agents for proactive compliance.
- The migration tooling, not the managed services, is the load-bearing piece, aimed at addressing the switching costs that keep incumbents like Archer, MetricStream, and IBM OpenPages in place.
- ServiceNow’s acquisitions of Armis and Veza make OT and identity claims more credible and point to a broader consolidation play.
- Agentic AI moving from assistant to operator raises a governance question that will gate how far the model scales.
The News: On June 29, ServiceNow and Accenture expanded their cybersecurity partnership with a joint offering. It pairs two things: managed security services built on the ServiceNow AI Platform and an Accenture tool that uses AI to automate migration from legacy risk platforms to ServiceNow. The stated goal is to remove the cost and complexity from that move.
The offering spans four areas. Integrated risk and third-party risk management put AI agents to work monitoring vendors and managing their lifecycles, with a single view of enterprise risk. Operational technology risk management brings OT and IT onto one platform. Proactive risk and compliance uses AI agents to track regulatory changes and automate responses. The fourth piece is the migration itself.
The companies set all of this against a backdrop of faster attacks and exploit windows that now close in hours rather than months.
ServiceNow and Accenture Bet on Migration to Win Enterprise Risk
Analyst Take: The easy way to read this announcement is that ServiceNow has added some AI to its security and risk products, with Accenture along to help customers get there. We feel that framing misses what is actually happening.
The partnership lands in the middle of a deliberate buying spree, the roughly $7.75 billion Armis deal that ServiceNow closed earlier this year, its largest to date, and the Veza acquisition before it. The pattern those deals form is hard to ignore. Armis brings asset visibility and cyber-exposure data across IT, OT, and connected medical devices. Veza brings identity and access. The Accenture offering brings managed services and a way to migrate off whatever a customer runs today.
Put those together, and the question is less about AI features than about position: is ServiceNow trying to become the enterprise risk platform of record, the place where exposure, identity, workflow, and remediation all meet? To us, that is the bet worth watching, and it changes how much this particular partnership matters.
Migration Is the Load-Bearing Piece
Most of the coverage will focus on the managed services, but the more interesting component is the migration tooling. Legacy risk and governance estates are sticky for a reason. Organizations that have spent years customizing Archer, MetricStream, or IBM OpenPages incur switching costs that have little to do with the merits of any newer platform and everything to do with the effort of moving.
That is the moat ServiceNow needs to breach, and it is a sensible place to spend Accenture’s effort. Whether an AI-assisted migration can meaningfully lower that cost, rather than simply reframe a long consulting engagement as an automated one, is the open question. If it works, the competitive effect is larger than the announcement suggests, because the constraint on displacing incumbents was never the destination; it was the journey.
Armis Changes the Operational Technology Story
The offering brings operational-technology risk onto the same platform as IT. A year ago, we would have read that as an ambitious claim from a workflow vendor with little depth in industrial environments. Armis changes that, because ServiceNow now owns a recognized source of OT and cyber-physical asset visibility rather than depending on partners to supply it, which makes the OT-onto-IT pitch considerably more credible.
It also turns this into something the OT security specialists, Claroty, Nozomi Networks, Dragos, Tenable OT, and others, should read closely. A platform player folding asset intelligence, risk workflow, and remediation into one operating model is a different kind of competitor than a point offering. We would not call the outcome settled, though. Integrating an acquisition of that size while delivering it through a services partner is genuinely hard, and the industrial world tends to punish overpromising.
Agents That Operate, Not Just Advise
The through-line across the four services is agentic AI doing operational work, monitoring vendors, tracking regulatory change, and managing lifecycle tasks, rather than surfacing recommendations for a human to act on. That is the direction the market has been moving, and it is where the value sits, if the trust holds.
The tension, which belongs here rather than tacked on at the end, is that letting agents execute governance and compliance workflows raises the same governance question one level up: who governs the agents, what data they can access, and how is any of it audited? The offering gestures at this by pairing automation with centralized risk visibility, which is the right instinct. Even so, governance-of-the-agents is likely to be the gating factor on how far this scales, and we suspect buyers will test it hard before handing over consequential actions.
This Is Also a Services Land Grab
It is worth naming the commercial motive plainly. Accenture wants the outcome-based managed-security position, and so do Deloitte, KPMG, IBM Consulting, Wipro, Kyndryl, and others, all of whom would happily wrap similar services around a risk platform. Tying itself closely to ServiceNow gives Accenture a sharper story, though it trades away some of the vendor-neutral posture large integrators usually guard.
The timing is not accidental. In Futurum’s 1H 2026 Cybersecurity Global Enterprise Decision Maker Survey (n=624), 48% of organizations increasing their cybersecurity budgets cited risk-management strategy as a top 3 driver, ahead of cybersecurity modernization at 45%. When buyers frame spending around managing risk rather than refreshing infrastructure, an offering that leads with integrated risk and operational outcomes is aimed squarely at where the money is going.
What to Watch:
- Can AI-assisted migration actually reduce switching costs? Legacy risk platforms stay put because moving is expensive and disruptive. This offering only matters if the migration tooling changes that math rather than renaming a long consulting project.
- Does the Armis integration deliver on the OT-onto-IT promise? Owning the asset-visibility layer helps, but folding a $7.75 billion acquisition into a partner-delivered offering is where ambitious platform stories tend to meet execution reality.
- How far will buyers let agents act on their own? Today’s agents mostly assist. Whether organizations allow them to execute governance and compliance workflows with limited oversight will decide how much of this scales.
- Who governs the agents? Access to sensitive risk, compliance, and identity data raises the oversight question one level up. Buyers without clear auditability may stall agentic AI at the pilot stage.
- Does one platform beat a best-of-breed stack here? Enterprises still run governance, third-party risk, OT, and compliance across separate tools. Consolidation appeals in theory, though the tradeoffs are real, and rivals will contest it.
For more information, read the full announcement from ServiceNow and Accenture.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Other Insights From Futurum:
Can IBM and ServiceNow Finally Make Legacy Systems AI-Ready?
ServiceNow Embeds AI Across Platform. How Far Can This Model Scale?
Who Will Control the Enterprise Agentic Workforce? CIOs Face a New Platform War
ServiceNow Q1 FY 2026 Results Raise Full-Year Subscription Outlook
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

