Armis has expanded its cyber exposure management platform with the launch of Armis Centrix for Application Security, signalling a broader push into software supply chain and application-layer risk as organisations grapple with faster, AI-assisted development cycles.
The new offering is positioned to address application security across the software development lifecycle, from source code and dependencies through to containers and production environments. Armis argues that application code has become a primary attack surface, particularly as automated and AI-assisted coding tools accelerate development while increasing the volume and complexity of vulnerabilities.
Application security has long been characterised by fragmented tooling, with organisations often relying on multiple static and dynamic analysis products that generate large volumes of alerts with limited context. Armis Centrix for Application Security aims to consolidate detection, prioritisation and remediation by correlating code-level findings with runtime and infrastructure context.
According to the company, the platform analyses code, third-party dependencies, container images and configuration files across multiple programming languages, identifying both known vulnerabilities and harder-to-detect variants that can be missed by template-based scanning tools. Armis claims the approach reduces false positives and shortens remediation timelines by routing issues directly to relevant development teams.
Industry analysts have noted that the growing use of AI-assisted coding tools is reshaping DevSecOps workflows, placing additional pressure on security teams to operate at the same speed as development. As development pipelines become increasingly automated, the ability to validate and prioritise risk in near real time is becoming a key requirement rather than a differentiator.
The launch also reflects a broader trend among security vendors to move beyond standalone application security testing and toward platform-based approaches that integrate application risk with broader exposure management and operational security data.
Armis says the solution is designed for large-scale enterprise environments, integrating with existing development and security tools while providing continuous coverage from code creation through to production deployment. The company also points to independent benchmarking results as evidence of detection capability, though real-world performance will ultimately depend on how effectively organisations integrate the technology into existing workflows.
The introduction of Armis Centrix for Application Security underscores the growing convergence of application security, exposure management and risk governance as organisations seek clearer visibility into how software risk translates into business impact.
