Enterprises rely on ServiceNow’s Configuration Management Database (CMDB) as the system of record for infrastructure and applications. It supports critical processes across IT operations, security, compliance, and risk. But as software delivery accelerates, and as architectures become more dynamic, distributed, and AI-assisted, keeping the CMDB current has become increasingly complex.

Code repositories, APIs, containers, GenAI components, and runtime workloads evolve faster than traditional inventory tools can track. That’s why ServiceNow and Apiiro have partnered to bring deep, code-level context into the CMDB, giving joint customers a real-time, software-aware inventory that reflects how applications are actually built and operated today.

This level of visibility is increasingly essential as enterprises adopt AI-native workflows and agentic systems that rely on complete, trustworthy data to operate effectively.

Precision Software Context, Now in ServiceNow

Our expanded partnership with ServiceNow brings Apiiro’s software intelligence directly into the CMDB. IT, security, and risk teams gain continuous insight into how applications are developed, deployed, and changed over time, automatically and without friction.

The integration adds code-level visibility and runtime traceability that asset syncing alone cannot provide. By mapping components from source to production and layering in rich risk context, Apiiro helps teams act faster and more confidently across incident response, compliance, and vulnerability management.

Here’s what it enables:

Bi-Directional Application Sync

Apiiro integrates directly with CMDB business applications to keep them aligned with the state of your codebase, creating, updating, or removing entries as needed. No spreadsheets. No stale records. Just a software inventory that keeps up with change.

Context-Enriched Asset Metadata

Apiiro’s patented Deep Code Analysis (DCA) surfaces rich metadata from across your SDLC, including repositories, APIs, sensitive data indicators, risk posture, and the presence of generative AI components, and feeds that detail into CMDB records. Teams get technically rich asset entries that are immediately usable in downstream decision-making.

Code-to-Runtime Traceability

The integration links running components back to the code they originated from, with no agents, tagging, or build changes required. Teams can trace a runtime issue to its source, understand the risk, and know who owns it without delay or detective work.

Smarter, Risk-Aware Workflows

With current, code-informed data embedded directly in ServiceNow, teams can automate faster, prioritize based on real impact, and reduce the noise and lag that often block resolution.

Connecting Application Changes to Real Decisions

CMDBs play a central role in how enterprises manage risk, respond to incidents, and automate operations. But these processes depend on accurate, current data, and that’s often hardest to maintain where change happens fastest: in the application layer.

When software assets aren’t tracked properly:

• Vulnerability alerts lack ownership or context
• Incident response slows while teams dig through stale documentation
• AI-based playbooks act on incomplete or outdated information

With this integration, Apiiro complements ServiceNow’s CMDB by supplying real-time, code-level context that reflects how software is actually built and deployed. It gives security, operations, and risk teams the full picture, right where they already work.

As Deepak Kolingivadi, Head of Security Products at ServiceNow, puts it:

“Maintaining an accurate and up-to-date CMDB is critical in today’s ever-changing software landscape. By integrating Apiiro’s AI-Native Deep Code Analysis (DCA) and code-to-runtime context with ServiceNow’s cloud-based system of record for technology infrastructure, we are empowering our customers with AI-powered IT operations—enabling automation and efficiency with risk-aware workflows across development, operations and security teams.”

Built for the Reality of How Software Changes

This integration reflects a broader shift. The boundaries between AppSec, ITOps, SecOps, and risk management are dissolving. Teams need a shared, reliable view of their software systems—one that reflects real architecture, not outdated documentation.

Apiiro serves as that bridge, bringing real-time software intelligence into the CMDB and helping joint customers move faster with confidence.

“This is a milestone for Apiiro and for ASPM at large. With ServiceNow CMDB as the system of record and Apiiro as the source of truth for software development, enterprises finally get a unified, trustworthy view of the software powering their business.”

– John Leon, VP of Partnerships and Business Development at Apiiro

Ready to modernize your CMDB? Schedule a demo or visit our listing in the ServiceNow store.