ARMIS CENTRIX™ / DARDEN
Partnered with AITG
// AITG × Armis Cyber Exposure Management

Unified Asset
Intelligence
across Darden.

See, protect, and manage 1,900+ restaurants — and the back-office that runs them.
Onsite April 29, 2026
ARMIS
AI AITG · Authorized Reseller
// Reference graph · Darden × Armis live model
42 nodes · 119 relationships pocketCISO-derived
01 / 09
SEE · PROTECT · MANAGE
02 · Open Discovery
AITG × Darden · Armis Centrix™
Section 1 · Desired Capabilities

What we’re hearing.

Open Discovery in Process

Synthesized from precall conversations across IT, Security, and CIO leadership. Capabilities clustered by family, not by team — discovery is still active.

01Asset Visibility & Inventory
  • Inventory management
  • Consolidate fragmented visibility
  • Accuracy (source of truth)
  • IT Management (CMDB)
  • Unified visibility into Windows endpoints
  • Unified visibility across all data centers including the campus
  • Visibility into printer accounts
  • Granular hardware profiling between brands/models
02Risk Detection & Coverage Validation
  • Rogue Device Detection
  • Tool Verification
  • Red Dot visibility
  • Security Gap Analysis
03Lifecycle & Technical Debt
  • SaaS & Hardware Licensing visibility
  • End-of-life and end-of-sale
  • Technical Debt Visibility
04Network, Segmentation & Dependencies
  • Network Segmentation
  • Firewall as Connector
  • Application Dependency Mapping
05System of Record
  • Armis integration into Helix
Section 2 · Existing Tools

Integration targets.

Open Discovery in Process
// Tools to integrate with

Darden’s existing stack.

11 named integrations · open scope
Helix (Management Layer)
Fortinet (Firewall as Connector)
Snow (Flexera)
HP
CrowdStrike
Zscaler
Veracode
Azure
Juniper
SIEM
Prometheus
02 / 09
OPEN DISCOVERY · CAPABILITIES + INTEGRATIONS
03 · The Source of Truth
AITG × Darden · Armis Centrix™
Foundation

Four non-negotiables.
One asset reality.

Every Darden ask in discovery collapses into four foundational outcomes. Get these right and every downstream capability — segmentation, CMDB, lifecycle — operates on the same ground truth.

6.7B+
Devices in the Asset
Intelligence Engine
200+
Pre-built
integrations
0
Agents required
(agentless)
01

Holistic asset visibility

Every device, every environment — IT, OT, IoT, cloud, unmanaged. No more blind spots.

ITOTIoTCloudUnmanaged
02

Technical debt, quantified

EOL / EOS exposure on hardware, software, firmware. Refresh budgets defended with evidence, not estimates.

EOLEOSFIRMWAREBUDGET
03

Tool validation & ROI

Are EDR, scanners, NAC actually deployed where they should be? Surface coverage gaps in seconds.

EDRSCANNERNACAGENT
04

Behavior & segmentation truth

Are assets behaving as expected? Are networks actually segmented? Continuous proof, not quarterly snapshots.

SEGMENTBEHAVIORZERO TRUST
03 / 09
FOUR FOUNDATIONAL OUTCOMES
04 · Platform
AITG × Darden · Armis Centrix™
The Cyber Exposure Management Platform

Introducing Armis Centrix™

Seven purpose-built modules. One shared asset graph. Deployable independently, composable end-to-end.
ARMIS
// Core

CENTRIX

Cyber Exposure Management Platform

Asset Management & Security

M01

Complete asset inventory of all asset types.

OT/IoT Security

M02

See and secure OT/IoT networks and physical assets.

Medical Device Security

M03

Visibility and security for clinical assets.

VIPR Pro · Prioritization & Remediation

M04

Find risk, prioritize response, route to owners.

Vulnerability Management Detection & Response

M05

Continuous vuln detection across all networked assets.

Application Security

M06

End-to-end app risk profiling.

Early Warning

M07

AI-based early-warning alerts.

// Architecture
Asset Graph
Unified · Real-time
Intelligence
6.7B+ devices
Policy Plane
Federated
Telemetry
Passive · Active
// Deployment
SaaS
Multi-tenant
On-Prem
OT/IoT only
Hybrid
Cross-domain
Connectors
API · Agentless
// Module Index
Total Modules
7
Shared Engine
AIE
Outcomes
See · Protect · Manage
04 / 09
PLATFORM OVERVIEW · 7 MODULES
05 · Our Platform
AITG × Darden · Armis Centrix™

Our Platform

Data Sources
6.7B+

Only Armis has a global asset intelligence engine of over 6.7 billion devices.

Integrations

  • Hundreds of pre-built integrations
  • Easy to deploy (API-based)
  • Rapid time to value

We gather data from hundreds of pre-built integrations in your existing solutions, deduplicate and rationalize it, providing you with a unified, authoritative and real-time view of all your existing assets.

Telemetry

  • Network Traffic Analysis
  • Deep packet inspection
  • Smart Active Queries

This is our capability to enrich asset data with network traffic analysis. Armis detection techniques include passive and smart active querying. We do this in a non-intrusive way, making sure we don't trigger any sensitive assets.

Asset Intelligence Engine

  • Crowdsourced, cloud-based
  • Billions of ‘known good’ baselines
  • Vulnerabilities, threats and risks

The Armis “secret sauce”. We keep track of this metadata from all of our customers around the globe in our AI-driven asset intelligence engine.

05 / 09
OUR PLATFORM · DATA SOURCES
06 · Architecture
AITG × Darden · Armis Centrix™

Our Platform

Architecture · Aggregate · Deduplicate · Enrich · Push back
Asset Intelligence Engine
METADATA
Integrations
CrowdStrikeAWSTenableVMwareSentinelOneHelix
Telemetry
IoTOTIoMTIIoT
CMDB
ServiceNowBMC Helix
SIEM / SOAR
SplunkSentinelQRadar
Network Enforcement
FortinetCiscoArubaPalo AltoForescout
Ticketing / Workflow
JiraServiceNow
CENTRIX
Cyber Exposure Management
See
Protect
Manage
06 / 09
ARCHITECTURE · CENTRIX HUB
07 · Detection & Enforcement
AITG × Darden · Armis Centrix™

Network Threat Detection & Response

Reduce SOC investigation time

Detect threats and abnormal activity

Continuously analyze the network traffic using multiple methods:

  • Behavioral analytics
  • Signatures identification
  • Rule-based matching

Collect Forensic Data

Investigate a device’s network activity timeline before, during and after an incident.

ARMIS collector VLAN 1 Corporate Devices VLAN 2 Guest Devices VLAN 3 Medical Devices VLAN 4 Operational Devices
✔ Map asset connections & routes
✔ Identify bad network segmentation
✔ Push enforcement to WLC, NAC, FW
✔ Alerts on traffic + segmentation violations
07 / 09
NETWORK THREAT DETECTION · SEGMENTATION
08 · Reference Graph
AITG × Darden · Armis Centrix™
// Darden × Armis · graph

How the asset graph re-wires Darden’s stack.

pocketCISO-derived graph model. Each Darden tool feeds the Armis Asset Intelligence Engine and is enriched back. Data domains flow out to every team that consumes them — surfacing where ownership concentrates, where the same data lifts multiple teams, and where coverage is thin.

// Node types
Team · deep purple
Armis module · pink
Existing tool · teal stroke
Data domain · blue outline
// Edge types
OWNS team → tool
INTEGRATES_WITH tool → module
FEEDS tool → data
ENRICHES module → tool (push-back)
SHARED_WITH data → team
// Insight markers
vendor-published / build-out
no native — confirm onsite
team owns no tool (gap)
42 nodes · 119 relationships ·
MKT owns no tools — pure consumer of asset/compliance data.
NET concentrates Microsoft + Fortinet stacks.
08 / 09
POCKETCISO-DERIVED · DARDEN × ARMIS REFERENCE
09 · Close
AITG × Darden · Armis Centrix™
Next step

Onsite working
session.

See, protect and manage Darden’s entire attack surface — together with AITG and Armis.
EngagementDarden Restaurants
PartnerAITG · Authorized Reseller
DateApril 29, 2026

What we’ll cover onsite

Discovery
Walk through the open use-case clusters; confirm scope per team
Architecture
Validate the unified-graph model against Darden’s current stack
Integrations
Confirm ownership for Snow / FortiSASE / Helix path
Detection
NDR + segmentation enforcement through Fortinet footprint
Reseller
AIAITG · Authorized Reseller
09 / 09
SEE · PROTECT · MANAGE