Armis Reviews

I use Armis for asset discovery, OT and IoT security, and Armis provides vulnerability management for OT and IoT devices.

The main use case of Armis is asset visibility; apart from asset visibility, Armis can also provide threat visibility.

Based on my field experience, I found Armis very useful for health and medical devices, as well as for critical infrastructure and manufacturing. It is beneficial for the government too. When visiting government sites as a customer, they often lack visibility about OT and IoT devices, and Armis can provide very good visibility. Along with visibility, Armis offers real-time continuous monitoring, threat visibility, and vulnerability management across those devices.

The best features Armis offers include vulnerability management for OT and IoT devices, providing risk prioritization, and offering protection across all connected assets. Armis cyber exposure management is very good as it provides continuous visibility, risk prioritization, and protection across all connected assets.

Armis has positively impacted my organization by providing asset discovery for both OT and IoT, as well as threat visibility for OT and IoT devices along with vulnerability information, including the CVE number so that I can fix the threat on OT and IoT devices. Most of the time, focus is on IT devices and attention is not paid to OT and IoT. Armis facilitates focus on OT and IoT as well, closing the gap that often exists. Armis makes life easier for customers by providing visibility of OT and IoT, as well as threat visibility.

Armis has a user-friendly interface, is very useful for customers, provides quality support, and has a global presence allowing easy access for both customers and Armis representatives.

The console is user-friendly.

Armis handles compliance requirements in my industry very well and is useful.

For improvement, I suggest adopting more automation and making the solution AI-enabled. If Armis can be autonomous, it will be more useful for customers. If it can respond to threats in real-time, it will also be more helpful.

Everything is positive regarding Armis's performance. I observe that Armis provides very positive use cases to customers. A few improvements could be aligned with market trends, as the market is moving towards AI-driven technology, which is why I suggest that it should be AI-driven and powered by artificial intelligence and autonomous capabilities.

I have been using Armis for the last five to six years.

Armis is stable and reliable, and it provides availability for customers.

Scalability is very good with Armis. Customers typically enjoy the solution and do not face any issues both before deployment during the POC and after deployment once they release the PO and get the implementation done.

Customer support is good.

Previously, there were no existing products in the market when I visited customer places for OT and IoT security. There was no existing solution available for them. Armis is the new product that I pitch to customers.

I have seen a return on investment with Armis. I would like to mention a few points about the ROI: the first ROI is threat reduction, the second is operational efficiency providing a 90% faster mean time to resolution (MTTR). It provides asset visibility and saves costs associated with asset visibility. There is a 98% reduction in vulnerability workloads, enabling focus only on high-risk issues. Additionally, there are so many alerts, and Armis offers threat prioritization and vulnerability prioritization so that I can focus on high-risk issues, along with ten to fifteen percent annual savings on software licensing by reclaiming unused capacity and 99% of automated actions completed in a second. Summarizing the ROI as a table, it shows ROI areas for threat blocking, operational efficiency with a 90% reduction in MTTR providing around 60% improvement, and for threat blocking, 99% of attacks are prevented, while also providing asset discovery and vulnerability workload management.

My experience with pricing, setup costs, and licensing is overall good. The price is not very high, licensing is good, and setup and deployment costs are average.

I had not evaluated any other options before choosing Armis.

I have served many customers with Armis, and they express satisfaction, stating that it is very useful and has helped clean up their attack surface area.

Integration is available for Armis with various tools. Armis is getting acquired by ServiceNow, and integration is very much available with ServiceNow. Additionally, Armis can be integrated with Okta, CyberArk, identity and access management solutions, and security and intelligence tools such as CrowdStrike, Cybereason, and McAfee EDR solutions. Integration is also available with Rapid7, Qualys, Check Point, Palo Alto, and perimeter firewalls such as FortiNet. These integrations and threat intelligence are key points.

The performance of Armis in terms of detection speed and accuracy is very good. Both detection and speed are impressive.

Armis is user-friendly and easy to maintain for customers on a day-to-day basis.

I would advise others looking into using Armis to go with this product to easily fulfill their gap for OT and IoT, as that is a significant attack surface area that remains open without this type of product. I suggest not to leave the attack surface area unsecured. Armis is also very beneficial for asset discovery, real-time continuous threat monitoring, and threat hunting.

Armis transforms cybersecurity from a cost center into a business performance driver, delivering quantifiable ROI through reduced risk, operational efficiency, and compliance readiness for board-level discussions.

I rate Armis ten out of ten because it serves customer needs for OT and IoT visibility. Apart from visibility, it also provides threat visibility, vulnerability prioritization, and detailed vulnerability information. In that area, if you go back five to ten years, the attack surface area was fully open. Armis is the solution that fills that gap, and while there are competitors, I believe Armis has been doing a great job from the start.

In my day-to-day work, I use Armis for cybersecurity operations and an asset visibility project focused on enterprise IT, and we perform device monitoring using the tool.

During an enterprise asset visibility and vulnerability management initiative in a hybrid environment that includes corporate IT systems, unmanaged endpoints, and network-connected devices, we integrated Armis with our existing security monitoring workflows to identify unmanaged and unknown assets communicating across the network during one billing cycle. Armis detected several devices that were not properly registered in the CMDB or covered by traditional endpoint security tooling, including network-connected printers, legacy systems, and unmanaged IoT-type devices communicating internally.

Armis has proven helpful for automatically classifying devices based on behavior and network traffic patterns, identifying outdated systems with potential security exposure, prioritizing risky assets for further vulnerability assessments, and improving asset inventory accuracy for the security and operations teams. These capabilities provide significant benefits with the tool.

Some of the best features I find valuable in Armis include Agentless Asset Discovery, which is a very strong capability that does not require any agent but can discover all assets that are part of our systems or the CMDB. Real-time asset visibility allows us to perform asset monitoring and provides complete visibility of IT, OT, IoT, and cloud-connected assets. Behavioral monitoring and threat detection is very useful for monitoring device behavior and communication patterns, helping the SOC team with threat hunting activities.

Additionally, vulnerability prioritization focuses not only on CVSS scores but also on exploitability, which is very impactful during vulnerability management. Armis performs very well in deep-diving into OT and IoT environments, providing detailed visibility into industrial and connected devices that are usually difficult to monitor with standard endpoint tools. The product can also be integrated with any security monitoring tools such as SIEM, SOAR, NAC, firewalls, and CMDB integrating platforms, which is helpful.

Armis has a positive impact by improving enterprise-wide asset visibility, strengthening risk awareness, and helping the security operations team reduce blind spots. Key features include improved asset inventory accuracy, better risk prioritization which is very impactful during security operations and vulnerability management, enhanced security monitoring providing continuous improved visibility into suspicious and unusual device activity, and stronger IoT and OT visibility ensuring proper visibility between IoT and SC devices. Faster incident investigation is facilitated by providing all risk metrics and exploitability information, which makes it easier for the incident management team to prioritize threats and work on them accordingly.

In the incident response scenario, the incident response time has been reduced significantly because we have incident response plans available, but identifying which issue should be prioritized first takes considerable time. Armis helps to prioritize incidents and threats, allowing us to provide P1 priority incidents to the incident response team, which is very impactful. Detection takes substantial time, but with Armis helping detection through proper classification, it reduces time considerably, so we now focus solely on incident response to mitigate threats as soon as possible, which is very impactful.

My experience with Armis has been positive, especially around asset visibility, unmanaged device monitoring, and risk intelligence. However, there are a few areas for improvement.

Some features I can suggest include more granular role-based access control and dashboard personalization, better long-term historical trend visualization, improved asset grouping and tagging automation, and more AI-driven insights which would be beneficial for addressing future AI-related threats and exposure prioritization and anomaly detection. These are expected improvement areas for Armis in the future.

As I am working in a vulnerability management project, the vulnerability prioritization feature is very helpful for me because Armis focuses on CVSS and considers the exploit. If there is any critical vulnerability, it can be detected, and if any exploitability is available, it can easily prioritize that, allowing us to prioritize the vulnerability and provide remediation as soon as possible, which increases the security metrics in our environment and reduces risks using this feature.

I would advise that if you are working in vulnerability management, risk management, or SIEM SOX solutions, you can use Armis as it can help save time and improve overall risk scoring and asset prioritization, which will be very beneficial. I rate this product an overall eight out of ten.

My main use case for Armis in that project at Embraer was as a consultant, where I worked on maintaining and developing the solution to integrate some applications, including Active Directory. This integration managed the user lifecycle inside Embraer, the client.

A specific example of how I used Armis to manage or integrate applications is that we built what I called drivers in the solution, which are connectors that synchronize information between the OpenText solution and the applications we were integrating, such as Active Directory, and vice versa.

I was maintaining the solution that was provided by Novell at that time, which was the producer of the solution before it was sold to OpenText.

The best features Armis offers include the interaction with my manager in Brazil, whose first name is Rui, and who provided a lot of experience, especially Horácio, who used to work for Microsoft. Horácio helped with issues related to Active Directory and provided ideas on how to best integrate the solutions.

The aspect of Armis solution that stood out to me was its flexibility to integrate different applications. The collaboration of the team is really important and key for the project to go well and bring the results the customer is looking for.

The solution has the necessary resources and connectors that have built many of the rules needed for integration, regardless of whether the application is an Active Directory, an LDAP directory, a database, or even a specific solution such as SAP. It is also flexible enough to build the business rules that apply specifically to that customer.

Armis has positively impacted my organization and my client's organization by ensuring that on day one, new users had all the access they needed to work for the applications that were integrated. Additionally, if a user was dismissed from the company, they would lose all access to the integrated applications because Active Directory, which was key for user authentication, would disable their account.

I do not recall any specific statistics regarding measurable results, but there was positive feedback from managers concerning the process during the time I was there.

The OpenText solution we used had to improve its development in relation to cloud environments. They have started to offer a version that works on the cloud, but they are really behind in that aspect today. I am studying other solutions such as ForgeRock or SailPoint, which are much better in this regard.

The needed improvements I see include implementing cloud features, as the market, particularly in Brazil, is moving to cloud environments to reduce costs and time spent on upgrades and server management.

I worked with Armis about four to five years ago.

In my experience, Armis is very stable.

In terms of scalability, there were customers with millions of users in the environment, but I do not have experience with newer solutions that can scale to that point.

The customer support for Armis was pretty good.

I did not previously use a different solution before Armis; however, I am currently studying different solutions.

Before choosing Armis, I did not evaluate other options, as at that time, I had a solid working knowledge of the system because I worked for Novell, the producer of the solution.

The solution was purchased directly from the vendor, Novell, the producer of the solution.

My company's relationship with this vendor is that I work as a contractor, usually for a partner that implements the solution for customers.

I did not see any report on return on investment during the time I worked there, but generally, it has given a good impression because new users can begin working right away on their first day without needing to request access to applications.

I did not handle the pricing, setup cost, and licensing for Armis during my time there; I dealt with that long ago when I was working for Novell in Brasília, the capital of Brazil.

I am studying other solutions such as ForgeRock or SailPoint, which are much better in this regard.

Armis is a very flexible solution for integrating various applications, making it easier to find ways to integrate even old systems. However, it lacks a SaaS solution as it is not available on the cloud, which is a significant drawback today for OpenText. I would rate this solution 9 out of 10.

My main use case is to identify all the devices in my network, connect to them, and identify the exposure alerts for those devices. I only have to discover all the devices, connect to them, and identify the alerts, the exposure alerts.

Instead of all the tools showing all the alerts, Armis will identify, with its AI feature, the main features that are risky and will only show those. That feature is very good for that purpose.

While other tools will provide all the alerts, such as one hundred or two hundred alerts, Armis will provide only one or two important alerts. That is the very best feature of Armis.

Another valuable feature is the auto-discovery feature. I do not have to install the agent in all systems. Armis will auto-discover on the network, connect to them, and start collecting logs. That is the best feature of Armis.

Armis has reduced the cost of employment because before, I had to take all the logs, and the logs required so many more employees. Now, I only have to take the risky ones that will be handled by one or two employees. That is very useful for us.

Previously in my company, I had to have five employees for that work, but currently, one employee is handling everything. That saves the cost of four employees.

Because it is very helpful for us to identify the main dangerous logs, instead of checking all the logs, the AI feature will give me only the important logs I have to see. That AI feature is very great in Armis.

It saves money and time also, both.

I am using Armis since last one year.

Armis is stable.

Armis is scalable. It is very good.

Customer support is very good.

I evaluated other options such as Log360 and IBM QRadar.

I advise that if you want cybersecurity, then you can mostly explore this tool. Armis is very useful. Instead of other tools, it will be very helpful and the AI feature is very great.

I am a distributor for Armis and have been working with them for about two to three years now. I am familiar with Armis Centrix for asset management and security.

Armis is typically used for correlating all the data and can integrate with existing security solutions such as VAPT, EDR, or existing firewalls.

I find the most valuable features of Armis to be its focus on IT, OT security, and medical device security.

Armis provides full visibility on OT devices and in the medical industry for devices such as ECG machines, X-rays, and infusion pumps. ECG devices, ECG machines, X-rays, and infusion pumps are all part of the medical devices that Armis covers.

Armis's integration capabilities help enhance security posture by correlating data to categorize based on priority levels or risk levels.

I am referring to the contextual awareness feature in Armis, which helps prioritize remediations. Viper, Vulnerability Prioritization and Remediation, is the product responsible for that. It will identify asset behavior, such as when an asset is communicating to external parties suddenly.

Armis can be somewhat expensive and there is not much sales presence for Armis.

Without any existing security solution on the customer's end, Armis will only collect telemetry data, which is the device IP address.

After implementing Armis, an organization experiences it as an add-on. Without asset visibility or vulnerability prioritization, it becomes a useless product.

Armis cannot be used as a standalone solution and should be integrated with other solutions. It cannot be used standalone because it requires other security solutions for the integration part.

I have been working in this field for nearly four years now.

Until now, I have not faced challenges with Armis support, as pre-sales engineers have been helpful. I would rate support an eight because their pre-sales team is very responsive and helpful.

When implementing Armis, there are not many challenges since it is a cloud-based solution and I just have to buy the license and have an appliance to onboard.

You do not spend much time on all of these configuration setup processes, and it may take around a day. Fixing that appliance takes about a day, and then I have to do some configuration. Configuration takes the most time.

For overall time, it may take around two to three days because the appliance has to collect all the device data to be in production.

I personally participate in the deployment of Armis, or it is done by different people based on customer requirements. Usually, just one person participates in deployment from my side.

One engineer will participate, and Armis is now part of ServiceNow because ServiceNow has acquired Armis.

There is nothing in terms of return on investment or cost reductions in the long run after implementing Armis.

I would rate this review seven out of ten.

I confirm my experience with Armis, and as a cybersecurity specialist, I have several years of experience in this sphere. In terms of AI-driven risk assessments in Armis, I have insights to share based on my experience.

Real-time asset monitoring in Armis helps with network operations, especially in comparison to Nozomi. Contextual awareness in Armis helps me prioritize remediation efforts. I have been using metrics to evaluate asset behavior insights that Armis provides, and I can discuss how I evaluate its behavior.

AI is one improvement I noted for Armis, and I may have other examples as well.

I worked with Armis approximately 9 to 11 months ago.

In terms of stability, Armis is not completely stable, as sometimes incidents may occur.

Armis is scalable enough, though some limitations may exist.

Technical support from Armis is good, though it could sometimes be better.

The installation of Armis involves minimal challenges, making it generally smooth.

There is noticeable return on investment for Armis.

Armis is slightly on the expensive range based on what I have observed.

Armis is more suited for small and medium customers, while Nozomi and Claroty are targeted at different types. This assessment is connected with AI and threat intelligence when comparing Armis, Nozomi, and Claroty.

I am still dealing with Armis to some extent, as I have not stopped working with it for more than a year. I can confirm that I am also working with other vendors such as Fortinet and various vulnerability management solutions today. I would rate Armis around a specific number based on my experience on a scale from zero to 10 points.

My main use case for Armis is identifying assets in corporate environments and performing remediation for vulnerabilities and risk assessments.

Armis is effective at discovering assets that were not previously known, and from there, I set up those assets in the platform to assess risk and perform vulnerability remediation.

The best features Armis offers are asset identification and providing context on the assets to help identify which risks are more important than others.

The context that Armis provides that is especially helpful includes asset value to the organization, whether the asset is public facing, and those types of details.

Armis has positively impacted my organization by helping me identify vulnerabilities more effectively, especially on assets that I did not know existed on the network. In one case, I found approximately 10% of a pool of assets that I thought were retired but somehow wound up back on the network.

I cannot identify specific ways Armis can be improved. I would consider potential integrations with other tools as small improvements.

I have been using Armis for about a year and a half.

Armis is stable.

The scalability of Armis is good.

I previously used Sophos as a different solution. I decided to switch from Sophos to Armis because it is a different company.

I have seen a return on investment with Armis, as it definitely improved remediation with fewer employees.

Before choosing Armis, I evaluated other options including Tenable and CrowdStrike.

My advice for others looking into using Armis is to implement the features that you want to use intentionally, so you should understand and do your planning and due diligence before you start deploying the product so that you can avoid misconfigurations and get the most out of it from the start.

Armis is a cloud-based SaaS solution designed specifically for manufacturing environments, especially for companies implementing Industry 4.0. My primary use is in network-based security, offering asset discovery, visibility, protection, and vulnerability assessment.

Armis is very easy to implement due to its agentless design and offers a granular level of visibility for all assets in the network. Its asset visibility capabilities are a significant advantage. 

Additionally, it is easy to maintain, allowing me to handle it with a single management console. The solution provides seamless integration through API-based integration, and it is highly scalable.

Armis could improve its geographic spread and marketing campaigns across regions.

I have been working with Armis for the last six to seven months.

I have not come across any glitches with Armis. It is 100% stable.

Armis is extremely easy to scale and is fully scalable.

Customer support is satisfactory. I would rate it ten out of ten.

Positive

I used to work with CoSoSys. I stopped about two to three months ago. I haven't worked on Armis prior to this.

Armis is very easy to implement, being an agentless solution.

I am involved in part implementation of Armis.

It is difficult to quantify a return on investment at this point. We may analyze it down the line in about a year.

Armis pricing is average, neither cheaper nor more expensive than other solutions. It is too early to comment on ROI or other associated cost benefits.

I have not evaluated other solutions.

Armis is completely AI-enabled, although there is not much scope for additional AI integrations currently. 

I give Armis a rating of ten out of ten. 

For the future, Armis is anticipated to introduce new features, but I have not explored these deeply.

We use the product in our OT environment to secure IDs. We also use it for monitoring purposes.

The solution’s vulnerability monitoring system is very good. Our overall experience is very good.

We face many issues while implementing Armis in the pharma sector. Some of the customer applications are not supported well by the tool. The applications do not communicate well if we implement Armis.

We generally face such issues during implementation. We are planning to implement the product in the wind energy sector, but we don't have any idea how to do it. Currently, it is a very big challenge for us.

Products like Dragos, Claroty, and Nozomi provide a much better experience during implementation. If any issues arise, we are told how to resolve such issues during the POC. Armis does not provide the secure remote access feature Claroty provides.

I have been using the solution for more than a year.

The product is stable after implementation. It’s a huge competitor in the market.

The product is scalable. We have 85 users in our organization.

The support team is very good. There are some delays sometimes, but it’s normal.

We face issues during implementation.

The tool is cheap.

Armis is a competitor of Claroty and Nozomi. Claroty is much better than Armis. However, Armis is a good IDS tool.

If someone is trying to implement and secure an environment related to every area in their organization, I would not recommend Armis. Some services are not provided by Armis. Using the product for the first time might be a challenge. The training available on the portal is helpful, though. It would be good to categorize the training based on the services we need.

Overall, I rate the solution a seven out of ten.