Critical Infrastructure Security,
Governance & Risk Management,
Operational Technology (OT)
Armis Acquires Otorio to Strengthen On-Premises Security and Compliance Capabilities

Armis, a cyber exposure management company based in San Francisco, has announced the acquisition of Otorio, a firm specializing in operational technology security, for $120 million. This strategic move is aimed at bolstering Armis’ security offerings for on-premises environments, particularly for sectors such as government, utilities, and critical infrastructure providers that often face restrictions on cloud-based solutions. These organizations typically operate within air-gapped networks, isolating their systems from internet access to enhance security.
Nadir Izrael, co-founder and CTO of Armis, highlighted the necessity of on-premises solutions for certain market segments, including some defense contractors and compliance-driven enterprises. He noted that despite Armis’ diverse portfolio, the acquisition of Otorio fills a crucial gap in their offerings. Founded in 2017 and led by former Israel Defense Forces chief cyber defense commander Daniel Bren, Otorio has developed significant expertise in active querying methodologies unlike Armis’ traditional passive monitoring approach.
The acquisition complements Armis’ previous efforts to expand its reach in operational technology security, which included the purchase of Silk Security for $150 million. Otorio’s emphasis on proactive querying enables a distinct security posture that harmonizes with Armis’ existing capabilities, thus fostering a comprehensive defense strategy against cyber threats.
In terms of technical tactics potentially leveraged in this acquisition context, the MITRE ATT&CK Matrix can be seen as a lens through which to assess the situational landscape. While both companies have traditionally occupied the same market space, Izrael asserts that Otorio’s unique architectural approach stands out. Their focus on integrating real-time data through active querying positions them effectively against adversary techniques related to initial access, persistence, and privilege escalation—key elements in contemporary cyber threats.
Merging Otorio’s technological assets into Armis’ broader security ecosystem is expected to occur within the next year. The integration will involve consolidating security models, enhancing data transfer protocols, and refining operational workflows to align with Armis’ overarching security framework. This approach aims to ensure a seamless transition for current Otorio customers, providing them with a unified experience as they navigate the enhanced security landscape.
While cloud-based platforms offer advantages of scalability and intelligence, they may not cater adequately to facilities that mandate strict data sovereignty, such as power plants and nuclear facilities. Conversely, on-premises solutions afford organizations greater control and compliance but often lack the real-time adaptability inherent in cloud models. The synergy of Armis and Otorio seeks to reconcile these challenges by delivering a security architecture that benefits from both worlds.
With this acquisition, Armis not only strengthens its presence in the OT security domain but also reaffirms its commitment to proactive cyber defense strategies. As the threat landscape continues to evolve, the collaboration between Armis and Otorio is poised to enhance security measures across critical sectors, equipping them with the tools needed to combat increasingly sophisticated cyber adversaries effectively.