Palo Alto Networks Acquires Supply Chain Security Vendor, Aims to Strengthen Application Security

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.

Palo Alto Networks (PAN) announced Thursday that it will acquire application security and software supply chain provider Cider Security for approximately $195 million in cash. According to Melinda Marks, senior analyst at Enterprise Strategy Group, this acquisition is a good step forward in enabling security to evolve with modern software development.

PAN said the plan is for Cider to support its Prisma Cloud platform to secure the entire application security lifecycle, from code to cloud.

"For cloud-native development, you have developers empowered to provision and deploy applications in the cloud to make them available to customers, partners, and employees, and while that increases productivity, it's challenging for security teams to keep up with the speed and protection of applications in these dynamic and exposed environments,” Marks told VentureBeat in an email interview.

Cider Security is a good example of a company integrating observability into developer workflows, such as CI/CD pipelines, to better embed security, she said. "What PAN is doing with Prisma by tying all of these solutions together is allowing security to be more integrated into development - shifting some of the work left to developers - while giving security teams visibility and a consistency check between the development teams."

Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.

According to ESG's new report, Walking the Line: GitOps and Shift Left Security, 68% of respondents said adopting developer-centric security solutions was a high priority, 31% said it was important but not a priority, and only 1% said it was not a priority.

Today's software engineering ecosystem is more diverse, evolves faster, and is inherently more dynamic. This has introduced a wide range of new cybersecurity challenges and gaps, making the software supply chain one of the largest emerging attack vectors for cyberattacks, PAN said in a press release announcing the release. 'acquisition.

“The average CI/CD pipeline can have hundreds of development tools connected, posing a huge security risk,” the company said. "While a great deal of attention has been paid to the origin of the code, very little has been paid to the applications and software used in the development pipeline."

“Any organization using the public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet they have limited visibility into their configuration or if they are secure," said Lee Klarich, chief product officer for PAN. , in a report. “Cider enabled us to connect to the infrastructure, analyze the tools and identify risks and how to resolve them. We are acquiring Cider for their innovation that will enable Prisma Cloud to provide this capability that anyone doing cloud operations should have. »

>>Don't miss our new...