Portuguese Startup TensorOps Builds AI Agents for Cybersecurity

The Portuguese team of the startup TensorOps is developing what it describes as the next generation of agentic cybersecurity in partnership with Armis, creating a “swarm” of specialised AI agents designed to operate like an army defending modern enterprises.

In an announcement on LinkedIn , TensorOps declared the collaboration which lands at a pivotal moment for Armis: in December 2025, ServiceNow announced an agreement to acquire Armis for $7.75 billion in cash, positioning Armis’ cyber-exposure capabilities inside a broader platform intended to “see, decide, and act” across an organization’s technology footprint.

Moving Beyond Monitoring, Toward Actionable Intelligence

Enterprises have spent years building security “visibility”—dashboards, alerts, inventories, and endless tickets. But as infrastructures sprawl across cloud, on-prem, IoT, OT and medical devices, visibility alone can quickly turn into noise.

TensorOps says its joint mission with Armis is to shift from monitoring to truly actionable intelligence, using advanced agentic systems that can adapt, learn, and respond to vulnerabilities at scale—not just report them.

“We are thrilled to announce that TensorOps has partnered with Armis to pioneer a new era of AI-driven cybersecurity,” the company said in a statement, adding that the goal is to transform how organizations manage threats, “moving beyond monitoring into the realm of truly actionable intelligence.”

The “Swarm” Model: Many Agents, One Defensive Goal

The Portuguese team’s work centers on a highly capable swarm of agents, purpose-built to collaborate—each agent focusing on a distinct part of the defensive lifecycle. Think: one agent for asset intelligence, another for vulnerability triage, another for policy checks, another for remediation orchestration—coordinated like a unit rather than acting as isolated automation scripts.

Instead of a single monolithic “AI security tool,” the swarm approach aims to:

• Continuously map the attack surface (including unmanaged and hard-to-see environments)
• Prioritize risk based on context, blast radius, and exploitability
• Recommend and orchestrate responses through workflows—reducing time-to-remediation
• Learn from outcomes (what fixes worked, what broke dependencies, what created drift)

This direction aligns with ServiceNow’s acquisition rationale, which highlights a unified security exposure and operations stack capable of acting across IT, OT, and other device-heavy environments.

Built for Today’s Fragmented Infrastructure

TensorOps frames the effort as more than “automation.” The ambition is a defense layer that is smarter and more resilient—built for the real-world complexity of modern enterprises.

“Our mission is to build a system that goes beyond automation; it’s about building a smarter, more resilient defense layer for today’s fragmented infrastructure,” TensorOps said.

That fragmentation is exactly where Armis has built its reputation: exposure management and visibility across heterogeneous environments, including cyber-physical and device-rich surfaces.

Why the Armis–ServiceNow Deal Matters Here

While TensorOps’ work is focused on the agent swarm itself, Armis’ move toward ServiceNow could reshape how these capabilities are delivered and operationalised—especially for large organisations that already run major parts of their IT workflows on ServiceNow.

ServiceNow’s own announcement describes the combination as a way to connect exposure insights to execution—pairing “see, decide, and act” with security and risk workflows. And Armis has long emphasized integration with ServiceNow ecosystems, including CMDB-related visibility and connectors.

In plain terms: if the platform where enterprises run workflows becomes more tightly coupled with cyber exposure intelligence, agentic systems that can translate risk into actions may become far more powerful—and far easier to deploy at scale.

Portugal’s Delivery Muscle on a Global Problem

Portugal’s tech scene has increasingly become known for delivery-focused engineering teams that ship production systems for global markets. TensorOps is leaning into that reputation here: building a complex, distributed, security-grade agent architecture that can operate reliably under enterprise constraints—compliance, auditability, integration realities, and the unavoidable messiness of legacy infrastructure.

“We are incredibly enthusiastic to bring our deep delivery expertise to this challenge and work alongside Armis to turn this vision into reality,” TensorOps added.

What Comes Next

Agentic cybersecurity is still early—and the hardest part is not “writing an agent,” but building systems that are:

• safe to operate (no reckless automated actions),
• transparent (auditable reasoning and traceability),
• integrated (works with existing toolchains),
• and effective at scale (across thousands to millions of assets).

TensorOps and Armis are betting that a coordinated swarm—an “army” of specialised agents—can deliver that step-change: turning security data into security outcomes.