Palo Alto Networks buys Twistlock to boost its cloud security platform

Continuing its wave of acquisitions, global cybersecurity leader Palo Alto Networks said it will to acquire Twistlock, a leader in container security, for $410 million.  Along with Twistlock, Palo Alto says it will also acquire PureSec, a leader in serverless security. The two acquisitions will be a part of Palo Alto’s new Prisma cloud security strategy, its unified offering for several cybersecurity platforms. The new offerings will be delivered via software-as-a-service similar to earlier offerings of RedLock. It is expected to see accelerated adoption of DevSecOps with the rollout of Prisma, as companies will be able to manage security centrally for different platforms. Palo Alto says it is now positioned to be the “industry’s most complete cloud security offering.”

Palo Alto Networks’ wave of acquisitions

Palo Alto Networks has been on an acquisition wave — with the earlier acquisitions of Mota Security, Cyvera, and CirroSecure, and the more recent ones of LightCyber,, Secdo, RedLock, and Demisto. While shareholders and analysts have expressed their concern over the buying spree, chairman and chief executive Nikesh Arora said that the new acquisitions are strategic to enable the company’s cloud security vision. The company did beat analysts’ expectations in its third-quarter earnings, further reinforcing that it has a solid strategy to become the leader in the space. It also revealed that its 2019 fiscal third-quarter revenue grew 28 percent year-over-year to $726.6 million.

Leader in container security

Twistlock is by far the leader in the market in container security — it’s the most comprehensive, automated, and built-for-scale container security platform. Twistlock provides cloud protection services across the development lifecyle. Palo Alto Networks’ leadership felt that the integration of Twistlock and RedLock, a cloud security and compliance risks monitoring system, would provide its customers with a best-of-breed service offering across the different cloud security needs.

Twistlock was founded in 2015 by Ben Bernstein and Dima Stopel. Both of them will join Palo Alto Networks after the acquisition. Twistlock serves more than 290 customers, and 25 percent of the Fortune 100 trust Twistlock for security. Twistlock has raised funds amounting to $63.1 million from Polaris Partners, 1011 Ventures, Rally Ventures, YL Ventures, and Dell Technologies Capital. Twistlock is headquartered in Portland, Ore., with offices across the U.S., UK, and Israel. In 2018, Twistlock reported record growth of 250 percent — both in its sales and customer base of its cloud-native security platform. The annual revenue of the company is estimated to be $2.5 million.

While the immediate competitors are Aqua Security, Sysdig, Tenable, and Polyverse, Twistlock and Aqua Security are considered to be the leaders in that space. In a news release, the founders said Twistlock’s “vision for a cloud-native security platform” was “a natural fit with Palo Alto Networks’ cloud strategy.”

In announcing the deal, Arora reiterating that the acquisition is aligned to its strategy to become the one-stop security solution provider for its customers.

“Today marks another exciting step forward in our commitment to offering our customers the industry’s most complete cloud security offering. We believe that our acquisition of these leading companies will significantly enhance our ability to be the cybersecurity partner of choice for our customers while expanding our capabilities and strengthening our Prisma cloud security strategy.” Palo Alto Networks

As containers take off, challenges are mounting

The cloud-native world is dynamic and volatile, and containers provide a new layer of abstraction. It is increasingly becoming challenging to assess container health, risk, and performance. Developers may run thousands of containers where there used to be a single application. Traditional solutions and firewalls have become obsolete in an environment where more and more companies are adopting the cloud and applications are becoming “borderless.” Cyberattacks and critical data leaks are increasingly on the rise. A set of strategies is required that takes into account distributed and dynamic systems of the world of containers, and to address the potential gap at various layers of the container environment. This may include management of identity and access control, network security, data security, host server security, container image security, and runtime security.

It is not practical to manually secure all these layers. Automation is the only possible solution. While several vendors help to automate security requirements of specific stages of the software lifecycle, dedicated container security like Twistlock provides the next level of security automation. Twistlock initially built a strong capability in container image scanning, and soon after it developed new features Cloud Native App Firewall (CNAF) and Cloud Native Network Firewall (CNNF) that enable automation where it was not possible before. Securing a CI/CD pipeline in the container environment is not a mean task. CNAF secures each individual service by building individual micro-firewalls and CNNF secures communication between services.

Aqua Security, also founded in 2015, is comparable to Twistlock. Its core features are very similar, and both integrate easily into CI/CD pipeline. Twistlock specialized in Docker containers from the beginning and increasingly built features to position itself as a holistic container security solution. As the market evolved, there was a need for a unified data platform to address security and monitoring for large systems. It became important to find solutions for the missing element — visibility.

The global application container market, valued at $1.2 billion in 2018, is projected to reach $4.98 billion by 2023. The rapid adoption of application container solutions for their many benefits has fueled this growth. The container security market is also expected to grow tremendously during this period as services are required to secure the many security gaps in containers to leverage their full potential. Some of the major vendors, apart from Twistlock, eyeing a big slice of the container security pie are Aqua Security, SysDig, NeuVector, Alcide, Qualys, Google Container Security, Docker, StackRox, Alert Logic, and Trend Micro.

Today, there is a growing list of companies offering services in the space. There is not a lot of difference in features or functionalities of the solutions provided by these companies. All of them have the same core features with a different focus area. One catches what the other misses, thus making them most efficient in combination while they may not provide holistic security solutions on their own. It is also speculated that the so-called area of focus may be a marketing strategy in a market filled without products sans differentiation. Companies are promoting themselves as a specialized service in an effort to stand out in a saturated space. However, the focus areas of these various security platforms indicate their future possibilities and they may become truly specialized services in the future as they continue to build stronger features focused on their niches.

A need for comprehensive solutions

However, this is not a situation that simplifies the matter for the customers of security platform solutions. Companies are increasingly looking for comprehensive solutions as cloud environment continues to become more complex. IT companies have started to fret at having to spend money at every single nuance of cybersecurity problems. It is very expensive for organizations to integrate and maintain several vendors. They are demanding a more comprehensive, consolidated solution to reduce the number of focused products. The winner in this race will be the first cybersecurity vendor to come up with a consolidated solution that makes the most economical and functional sense to the customer. It will be safe to say that the wave of acquisitions will continue as the smaller companies get acquired and integrated into a few big giants. So, expect more acquisition news in the future, as this nascent market grows into a massive world of opportunities.

Featured image: Shutterstock

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top