For most "best ITSM software" round-ups, the ranking is driven by feature counts. For an Israeli IT manager in 2026, that is the wrong place to start. Since 14 August 2025 - the day Amendment 13 to the Protection of Privacy Law came into force - the operative question is no longer only which tool has the longest feature list, but which tool helps me see, control and prove what is happening across my environment. The regulator now expects exactly that, and the choice of service-desk and asset-management software is one of the more direct ways an IT team either meets that expectation or quietly fails it.

Why a privacy law belongs in an IT-software discussion

Amendment 13 is the most substantial overhaul of Israel's privacy framework in decades, moving the 1981 Protection of Privacy Law much closer to the EU's GDPR. It gives the Privacy Protection Authority real enforcement tools: Administrative fines that can reach into the millions of shekels, orders to halt processing, expanded criminal exposure, and statutory damages a court can award without proof of harm. It makes a data protection officer mandatory for public bodies, data brokers and organizations whose databases center on sensitive information. Unusually for privacy legislation, it also speaks directly to AI, requiring impact assessments and disclosures before deployment. And the PPA has already started enforcing - including a fine against a public-sector employee who misused legitimate system access to pull sensitive records for personal reasons.

None of that is, on its surface, a software-procurement story. It becomes one immediately, because you cannot protect - or prove - what you cannot see. Demonstrating compliance under the new regime means knowing which devices and databases hold sensitive data, controlling who can reach them, keeping a record of that access, and producing credible reports on demand. Those are not abstract legal tasks; they are the day-to-day output of an asset-management and service-management platform. The insider-access case is instructive: It was about a credentialed user reaching data outside their purpose, which is precisely the failure mode that data segregation, access logging and a clean configuration-management database (CMDB) exist to prevent.

A second consequence is about hosting. Amendment 13 tightens the rules on transferring personal data abroad, requiring that the receiving country offer adequate protection. Combined with Israel's security environment - where healthcare, public-sector, energy, and defense-adjacent organizations routinely run isolated or air-gapped networks - this pushes a meaningful share of Israeli buyers toward keeping data on-premise rather than in a vendor's cloud. That single requirement reshapes the shortlist before features enter the conversation.

What actually separates the platforms

Five variables decide fit more reliably than any feature matrix, and the new regime reorders their priority for Israeli buyers. The first is the hosting model - whether you can run on-premise or air-gapped at all, not just in the cloud, which for regulated and security-sensitive organizations is non-negotiable. The second is native discovery and ITAM depth: Whether asset data is collected automatically and stays current, with a CMDB that ties a device to its owner, its location and the data it touches, or whether that picture is stitched together from a second product. The third is workflow flexibility, including the ability to segregate access by department rather than bending your process to fit a template. The fourth is time-to-value, because most Israeli IT shops run with two to ten technicians and cannot absorb a two-quarter implementation. The fifth is three-year total cost - the license tier plus paid modules, implementation, and the renewal increases that tend to arrive in year two. Hold those five against any vendor list and most "top 10" articles collapse to two or three genuine candidates for a given organization.

The 2026 field, by tier

Enterprise tier - ServiceNow (and BMC Helix). ServiceNow remains the reference standard for large, complex organizations and has pushed hardest on agentic AI in 2026. For an organization with a thousand-plus seats and dedicated platform administrators, it earns that position. For most Israeli mid-market teams, cost and implementation are the story: Pricing is quote-based, implementations routinely outrun annual licensing, and the platform expects staff to run it full-time. Teams that pilot it often conclude they are buying capacity they will never use.

Mid-market mainstream - Freshservice and Jira Service Management. Freshservice is the fastest path from no ITSM to ITIL-aligned operations, with a modern interface and Freddy AI on higher tiers; list pricing starts around $19 per agent per month, though change, problem and project capabilities sit on the Pro tier near $95, and CMDB depth and reporting flexibility are where asset-heavy teams tend to outgrow it. Jira Service Management is the natural choice where engineering already lives in Atlassian - it aligns incidents, changes and deployments tightly, offers a free tier for up to three agents, and runs cloud-first with a data-center option for on-premise needs; outside Atlassian-centric environments, its standalone asset and CMDB story is thinner than a purpose-built platform's.

Integrated ITSM + ITAM tier - ManageEngine ServiceDesk Plus, Lansweeper, and Alloy Navigator with AlloyScan. This band is built for IT-heavy teams that want service desk, assets and discovery on one data model rather than three integrations. ManageEngine ServiceDesk Plus is functionally broad and available on-premise or in the cloud with a free edition, but its modular pricing means catalog, change management and CMDB often sit behind higher tiers, and the interface can feel dated. Lansweeper is strong on discovery, though teams frequently pair it with spreadsheets for service work and re-evaluate after price increases.

Alloy Navigator combines service desk, IT asset management, software-license tracking and a CMDB, with AlloyScan - the vendor's cloud-native discovery layer, which is replacing its older on-premise Discovery tool - feeding live inventory from both on-premise and cloud environments into the same model. Two characteristics make it relevant to the Amendment 13 conversation specifically. Hosting is flexible, including full on-premise and air-gapped deployment for regulated environments, which keeps data in-country without a transfer-adequacy analysis. And its data-segmentation capability lets one department's records - HR, or another group handling sensitive personal data - be walled off from the IT staff who administer the system, which maps closely to the purpose-limited access the PPA's first enforcement actions have turned on. The vendor holds SOC 2 certification and added AI features for ticket summarization and risk analysis in its 2025–2026 releases. The honest limit: It is built for roughly two-to-25-technician teams managing 100 to 1,500 endpoints, not for hundred-plus-administrator organizations that need ServiceNow-scale customization, and it is a smaller vendor than the enterprise names.

.
. (credit: PR)

What it costs in 2026

Cloud ITSM list pricing in 2026 generally runs from about $13 to over $100 per agent per month before implementation. For asset-heavy teams, though, the meaningful figure often tracks managed nodes rather than seats, so per-agent headline numbers understate the real bill. The clearest way to budget is by team and environment size.

.
. (credit: PR)

Against those ranges, an integrated platform that bundles service management, asset management and discovery usually undercuts the combined cost of a mid-tier help desk, a separate discovery tool, and the integration work to join them - the same arithmetic that pushes teams off a "discovery tool plus spreadsheets" stack after a renewal increase. (The pricing figures above are list indications and move frequently; confirm current numbers with each vendor before budgeting.)

How to choose without regret

Start from constraints, not features. Under Amendment 13, fix your hosting and data-control requirement first, because it eliminates half the field instantly. Then weigh native discovery and ITAM depth, since asset visibility is the foundation most compliance failures trace back to - if you cannot see the environment, you cannot govern access to it or document changes to it. Run a real proof-of-concept with your own ticket routing, SLA rules and a sample asset import; vendor demos hide the friction that only appears under your own data. And tie the decision to a concrete trigger - an incumbent renewal date, a fiscal-year deadline, or your data protection officer's compliance timeline - so it does not drift. Done that way, the "best ITSM software" stops being a ranking and becomes a straightforward match between your organization's constraints and the one platform that fits them.

This is a sponsored contribution prepared with input from Alloy Software. Vendor comparisons and pricing are provided for the reader's own evaluation and are not a substitute for an independent assessment of your organization's requirements. Regulatory points are general and not legal advice; consult qualified counsel on Amendment 13 obligations.

This article was written in cooperation with Alloy Software