ServiceNow announced its intent to acquire Veza, an identity security company. Veza works as an identity and access management platform for both humans and AI agents.
The acquisition will extend the capabilities of ServiceNow’s Security and Risk portfolios into Identity Security. Veza and ServiceNow will enable end-to-end identity security rooted in the principle of least privilege that significantly reduces enterprise risk.
Founded in 2020, Veza serves nearly 150 global enterprise customers in banking, hospitality, and fast-moving consumer goods (FMCG), with 230 employees globally. After this transaction closes, Veza’s identity visibility, intelligence & governance capabilities will be incorporated into ServiceNow’s security portfolio.
Veza’s modern, unified, AI-native approach is powered by its patented Access Graph, which maps and analyzes access relationships across human, machine, and AI identities, providing an end-to-end access visibility and risk control platform for all types of identity.
Veza’s Access Graph brings an AI-native approach to identity security, giving organizations a single dashboard to quickly spot and remedy overly broad permissions across both human and machine identities, including AI agents. Its scalable platform supports full next-generation IGA capabilities, including access reviews, access requests, and an access hub, along with permission updates and end-to-end visibility that legacy solutions can’t match.
By integrating with ServiceNow’s strength in workflows, knowledge graphs, and AI, Veza also enhances the ServiceNow AI Control Tower by governing what AI agents can access and do across enterprises. Veza also adds critical identity context to existing ServiceNow Security and Risk products, including Vulnerability Response, Incident Response, and Integrated Risk Management, giving customers a clearer view of who and what is associated with an exposure, incident, or risk event. As identity security becomes a core pillar of ServiceNow’s Security Operations, Veza strengthens exposure management, incident response, and integrated risk management capabilities.
Veza will strengthen ServiceNow’s identity security services with deep cross-platform visibility into who and what has access, enabling consistent and auditable access governance across connected applications. That shared foundation is critical for agentic AI, helping ensure autonomous actions stay aligned with enterprise policies. This gives ServiceNow the trusted identity layer agents need to act safely at scale, which is essential to winning in an agentic AI world. With richer identity visibility, enterprises can centrally govern, monitor, and enforce AI access and actions across their entire ecosystem. Veza also complements existing identity features on the ServiceNow AI Platform, like Machine Identity Console, by offering better visibility and simpler management as businesses scale with AI.
Amit Zavery, president, Chief Operating Officer, and Chief Product Officer at ServiceNow, said, “In the era of agentic AI, every identity — human, AI agent, or machine — is a force for enterprise impact. It’s only when you have continuous visibility into each identity’s permissions that you can trust it. By combining Veza’s industry-first Access Graph with ServiceNow’s AI Control Tower and agentic workflows, we can give customers a true single pane of glass, with control of every identity in their organization. Together, we’ll empower CISOs and security teams to make safer access decisions that protect their businesses, and to defend their high-value data assets from AI-powered attacks.”
Tarun Thakur, CEO of Veza, said, “Veza was built to make identity security transparent, scalable, and effective for every organization. With ServiceNow, we will help customers embrace AI with greater confidence. Together, we can turn identity governance and identity security into a strategic advantage by giving organizations clear, integrated control over every type of identity — whether it belongs to a person, a machine, or an AI agent.”
