Palo Alto Networks® (NASDAQ: PANW), the global cybersecurity leader, announced that it has signed a definitive agreement to acquire Cider Security (Cider), a pioneer in application security (AppSec) and software supply chain security. The proposed acquisition supports Palo Alto Networks Prisma® Cloud’s platform approach to securing the entire application security lifecycle from code to cloud. Combined with its recently announced Software Composition Analysis (SCA) capabilities, Prisma Cloud will now provide the industry’s most comprehensive supply chain security solution as part of its code-to-cloud security platform.
The diversity, velocity, and dynamic nature of today’s software engineering ecosystem have introduced a wide array of new security challenges and gaps, which have made the software supply chain one of the biggest emerging attack vectors for cyber attackers. The average CI/CD pipeline can have hundreds of developer tools connected to it, which poses an enormous security risk. While much attention has been put on where code comes from, very little has been placed on the applications and software used in the development pipeline.
“Any organization using the public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet, they have limited visibility to their configuration or if they are secured,” says Lee Klarich, Chief Product Officer for Palo Alto Networks. “Cider has made it possible to connect to infrastructure, analyze the tools, and identify the risks, as well as how to remediate them. We are acquiring Cider for their innovation that will help enable Prisma Cloud to provide this capability that anyone doing cloud operations has to have.”
“We designed an AppSec platform that allows engineering to continue to move fast, without making compromises on security. It’s only fitting that we join Palo Alto Networks, a company built upon landmark cybersecurity ‘firsts’. There couldn’t be a better fit for Cider,” said Guy Flechter, CEO at Cider Security. “By scanning and securing the CI/CD pipeline, we can help identify where there may be vulnerabilities in your code. Prisma Cloud will now be the ultimate solution for code to cloud security.”
Under the terms of the agreement, Palo Alto Networks will acquire Cider Security for approximately $195 million in cash, excluding the value of replacement equity awards, subject to adjustment. The proposed acquisition is expected to close during Palo Alto Networks’ second quarter of fiscal 2023, subject to the satisfaction of customary closing conditions. The acquisition is not expected to have a material impact on the company’s financials.
Palo Alto Networks Prisma Cloud is the industry’s most complete cloud-native application protection platform, an early mover in the cloud security space, revolutionizing how organizations protect their multi-cloud environments with a platform approach rather than relying on multiple disparate cloud security products. A year ago, Prisma Cloud “shifted left” with the release of Cloud Code Security, which has been amongst Prisma Cloud’s fastest adopted modules. This was followed up with the September 2022 release of context-aware SCA. Cider furthers Prisma Cloud’s mission by unifying Cloud and Application Security with a unique approach that cannot be achieved by point solutions.