June 23: Siemens Digital Industries (DI) acquired UltraSoC, a Cambridge, UK-based System on Chip security startup. Siemens plans to integrate UltraSoC's technology into the Xcelerator portfolio as part of Mentor's Tessent software product suite.
As of its inception in January 2022, Trellix has more than 40,000 customers, 5,000 employees, and $2bn in annual revenue.[6] Trellix includes the endpoint, cloud, collaboration, data and user, application, and infrastructure security capabilities of FireEye and McAfee.[6] The business focuses on threat detection and response using machine learning and automation, with security technology that can learn and adapt to combat advanced threats.[34]
FireEye acquires Cloud Security startup Cloudvisory
Lost in this stack? If so, go read the previous article of this edition on cloud native that will help you get a clear understanding of it. The promise of cloud native security is to allow developers to use cloud native tools while improving the level of security.
CASB is an acronym that means Cloud Access Security Broker. Wikipedia defines it as a software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies. A CASB can offer a variety of services such as monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.
Certainly the most promising sub-segment, container security consists in securing the top part of the cloud native stack presented above. Container security can be seen as a market on its own with several sub-segments. Indeed, there is no company securing the whole container stack at once. To protect it, you must use several complementary solutions. Container security can therefore be split into 6 different parts. Some startups focus on one specific element whereas the majority of them is trying to cover many of them at once. The main 6 elements are the following ones.
This market is also a mature one, led by large public corporations and late stage startups. 70% of the players on this market are based in the USA according to Tracxn. Recent VC deals on the infrastructure security market include the $75M Series F of BetterCloud (01.2020), the $60m Series C of Guardicore (05.2019) or also the $42m Series C of Lacework (09.2019). As for the exits, the last two ones were Cloudvisory acquired by FireEye (01.2020) and 5nine Software acquired by Acronis (12.2019).
The cloud native security market is a large growing one. Indeed, according to MarketsandMarkets, it is expected to grow from $34.5B in 2020 to $68.5B in 2025 at a CAGR of 14.7% during the forecasted period. Most players are based in the USA and Israel, similarly to other cybersecurity companies. This market is driven by the following two elements:
When analyzing a cloud native security startup, it is crucial to understand its offerings. Indeed, some of them sell several elements at the same time, such as CASB and elements of container security. In order to have a good understanding of the competition landscape, it is therefore important to understand every company\u2019s offerings. Getting this kind of understanding is also helpful to know which companies are complementary to ensure a full protection of the cloud native stack.
FireEye's (FEYE) growth factor will continue to improve as the cloud and professional services segments become a more dominant portion of overall revenue. FireEye has invested in solid technologies to capture more market share in the cloud security space. As it continues to optimize the cost of capital of its on-prem business, the expected multiple expansion will be unlocked. As a result, long-term investors should continue to hold on to shares of FireEye.
FireEye has largely positioned itself as the vendor that puts in a bit more intelligence and expertise where other security players stop. During and post COVID-19, FireEye will have the chance to prove its mettle. FireEye's cloud solutions and professional services will benefit from the growing need for organizations to stay on top of the latest cyber threat as they move more of their workloads online. The attack surface of connected networks and devices will multiply. The huge volume of data lanes that can be hijacked by rogue hackers means organizations need to continue to view security as an important IT budget.
As an investor, having digested the volatile impact of the transition to a security as a service model, we can focus on the long-term growth drivers, which is the platform cloud and managed services business.
Cloudvisory, a provider of continuous visibility, compliance, and security policy governance solutions for multi-cloud and data center assets, has been acquired by California-based FireEye Inc.
Cloud maturity comes with greater cloud diversification which is why 84% of respondents on a recent IDG survey admitted to moving workloads away from public clouds to different environments. But how do you keep up with the security vulnerabilities that might arise from this diversification and fragmentation? This article discusses ten software solutions that can help address this challenge.
Overview: Founded in 2002, Alert Logic is a managed detection and response (MDR) provider that supports various IT infrastructure landscapes, including the hybrid cloud. In addition to MDR, it has a host of other capabilities like firewall protection, network intrusion detection, and security integrations for specific cloud-based environments. While Alert Logic has extra features for AWS customers, it provides powerful protection for all your endpoints, storage hosts, and network systems.
USP: A major USP of Alert Logic is its managed services value proposition, leveraging 150+ in-house cybersecurity experts to provide human-augmented threat intelligence. Along with its ML and automation capabilities, this ensures that your hybrid cloud infrastructure is protected end-to-end, 24/7.
Editorial comments: Alert Logic is an excellent hybrid cloud security solution if intrusion detection and response is a top use case at your organization. Not only does it support all major cloud instances, including AWS, Azure, GCP, VMware, container platforms, and private clouds, but it also integrates with your existing security tools such as McAfee, Auth0, Palo Alto Networks, etc.
Overview: Founded in 2009, Armor Cloud Security provides workload security and analytics tools for private-public and hybrid cloud environments. It includes threat detection and response mechanisms, as well as compliance controls for your enterprise data no matter where they reside. Importantly, Armor has its own private cloud product, where you can choose to host your security solution and associated workloads/data insights, along with coverage across AWS, Azure, Google Cloud, hybrid cloud, and private cloud.
USP: Cloudvisory has a powerful governance module. Not only is it compliant with all major regulations and standards, but it also automatically detects system alterations to enforce the ideal compliance policies. Thanks to micro-segmentation and machine learning, you can automate a significant portion of your hybrid cloud security governance activities.
Overview: CloudKnox is an identity and security controls provider that uses its unique activity-based authorization model to protect your hybrid cloud. It also works as a permissions management platform, giving you visibility into privilege creep, high-risk roles, and real-time anomalous activity. CloudKnox is purpose-built for hybrid environments, compatible with all major public clouds as well as virtual machines. 2ff7e9595c
Comments