The post-pandemic era has greatly fueled mergers and acquisitions in the cloud security and DevOps industries. The year 2021 saw almost unparalleled amounts of activity, with more than 50 firms being acquired. This makes complete sense, as 2021 also saw some of the biggest cyber attacks on record. In nearly all cases, the acquiring organizations acquired firms either to solidify their positions in their markets or to enter new markets.
Mergers and acquisitions: a double-edged sword
Mergers tend to go one of two ways: a revolutionary business deal, or a huge sore spot that can be abused by cybercriminals. Hundreds and thousands of applications, users, permissions, and resources from two organizations have to be merged and maintained throughout the transition period, which leaves huge room for mishaps. On the plus side, a merger can help an enterprise acquire services that it lacks from the other firm. The other firm may also have capabilities that complement the enterprise's existing products and improve overall product performance.
On the other hand, mergers can degrade security hygiene, especially when the cloud infrastructures of two companies are merged. Security teams are forced to rapidly and efficiently take over and implement security in a unified way across both organizations, with little understanding of the nuances of the acquired firm. Engineers may inherit an existing cloud infrastructure with little or no understanding of its functionality, creating a post-merger knowledge gap. There are also issues such as visibility across the expanded cloud infrastructure, cleaning up inactive identities, and disabling unwanted access to random apps and programs.
Let’s look at some of the hottest startups that were acquired.
Top 5 cloud security startup acquisitions of 2021
1. CloudKnox by Microsoft
Microsoft went on a buying spree and bought a number of companies across diverse themes. The first of two that fall in the cybersecurity bracket is CloudKnox. The startup offers complete visibility into privileged access. It protects resources, cloud infrastructure, and identities across multi-cloud and hybrid environments. It uses activity-based authorization APIs to detect over-privileged machines and users. The major appeal of CloudKnox is that it covers multiple cloud services. Microsoft can leverage this to strengthen the cloud identity and access services of Azure Active Directory. Additionally, the acquisition will nudge Microsoft towards zero-trust security. It will enable Azure customers to enforce the least privilege principle, which will ensure that only continuously verified users and devices are allowed access to sensitive data. This merger will equip the mutual customer base with continuous monitoring and analytics to help prevent security breaches, automated remediation for multi-cloud permissions, and granular visibility.
2. RiskIQ by Microsoft
As the threat of ransomware intensifies, Microsoft has acquired the leading threat intelligence and attack surface management firm RiskIQ for $500 million. The cloud-based cybersecurity platform detects security vulnerabilities across devices and networks by using machine learning applications to analyze threats, identify their source, and neutralize attacks quickly. It enables customers to identify and assess the security of their entire enterprise attack surface. RiskIQ also provides global threat intelligence collected from across the internet and analysis using machine learning. This can be accessed by organizations to understand and identify sources of attacks and indicators of compromise — which helps to detect attacks quickly.
Microsoft has been a long-standing leader in delivering end-to-end cloud-native security that helps identify, respond to, and protect against threats across multi-cloud environments. The acquisition of RiskIQ is a powerful addition to Microsoft’s security portfolio, allowing it to provide better protection to organizations running infrastructure across multiple cloud environments. It also enables them to protect their mammoth digital estate against security attacks.
3. Mesh7 by VMware
VMware acquired cloud-based security startup Mesh7 in hopes of integrating it with their Tanzu unit to work on service mesh security. Mesh7 built a niche API gateway that secures microservices running in Kubernetes and VMs. It focuses on the security of the network at the application layer (layer 7), which is concerned with the inbound and outbound traffic management of underlying microservices. Mesh7 goes beyond mere API management and integrates the traffic flowing through applications to deliver auto-discovery of microservices. And since it has visibility into traffic, it provides robust observability of API interactions. Mesh7 is based on a popular open-source proxy called Envoy, on which VMware’s Tanzu Service Mesh is also based. Although Tanzu Service Mesh is designed to manage microservice traffic, it still lacks a secure API gateway that could be integrated into Kubernetes' ingress resource for applications to communicate with each other. Now VMware can use Mesh7’s contextual API behavior, as it can be integrated with Tanzu Mesh to deliver a greater understanding between applications. This acquisition is a perfect match because both Mesh7’s contextual API behavior solution and Tanzu Service Mesh are based on Envoy, thus enabling seamless integration. Additionally, it will enable VMware to bring visibility and better security to APIs.
4. Humio by CrowdStrike
Early this year, cyber security powerhouse CrowdStrike completed its acquisition of log analysis and observability startup Humio for $352 million in cash and $40 million in stock. The startup can ingest and analyze structured, semi-structured, and unstructured data and enable simplified log management. CrowdStrike, on the other hand, is a cybersecurity company focused on endpoint protection and threat intelligence for enterprises. It helps organizations detect signs of an attack through various entry points to preemptively thwart a breach. The acquisition enables CrowdStrike to expand its detection and response capabilities by consuming data from any log or application to deliver practical insights and real-time protection. It also allows CrowdStrike to solve real-world customer problems with index-free data ingestion and inspection capabilities for all kinds of data. Through the acquisition of Humio, CrowdStrike is looking to add logging capabilities to its security monitoring tools. CrowdStrike and Humio together will provide enterprise-grade solutions that address the challenges of operationalizing large and growing amounts of log data.
5. Scalyr by SentinelOne
In the same vein as CrowdStrike acquiring Humio, the autonomous cyber security company SentinelOne acquired the cloud-scale data analytics platform Scalyr. SentinelOne has pioneered AI-powered automated response capabilities. It protects all entry points to a company network by monitoring for security threats. Scalyr, on the other hand, consumes huge amounts of machine and application data in real time. This data is analyzed at machine speed across multiple systems so that security professionals have practical intelligence to autonomously detect, respond to, and mitigate threats. Scalyr’s acquisition by SentinelOne will enable the latter to ingest and monitor data from any source, extending its reach beyond just endpoint protection. In addition, the acquisition accelerates SentinelOne’s product innovations while maintaining a sustainable growth model. The combination of Scalyr’s data analysis and SentinelOne’s AI capabilities leads the way to a new era of machine-speed detection, response, and prevention of attacks across the enterprise landscape.
Acquisitions are almost like conducting a science experiment. You risk merging two firms that may or may not work together. The result may be a successful business deal — or the creation of Frankenstein’s monster.