Elastic Acquires Endgame: SIEM Threat Hunting Meets Endpoint Cybersecurity
Elastic is acquiring Endgame for $234 million. The deal will blend Elastic’s SIEM (security information and event management) with Endgame’s endpoint prevention, detection and response capabilities. MSSPs and partners will gain the ability to extend threat hunting to the endpoint, the companies say.
Elastic builds self-managed and SaaS offerings that make data usable in real time and at scale for use cases like application search, site search, enterprise search, logging, APM, metrics, security, business analytics, and many more, the company says.
Endgame enables security operators of any skill level to prevent ransomware, phishing, and targeted attacks, the company says.
We’re checking to see if Elastic has MSSP (managed security services provider) and MSP partner programs. Endgame appears strong in those areas, working with such Top 100 MSSPs, strategic partners and technology partners as Accenture, Critical Start, DXC Technology, Optiv and Red Canary (among many others).
Elastic Acquires Endgame: Executive Perspectives
In a blog about the deal, Shay Banon, CEO and founder of Elastic, said:
“Endpoints provide a critical source of security data. As we make our investments in the SIEM market, a big part of it is in our existing Beats agent-based technology. We have been working on expanding to collect additional security-oriented data, including data from hosts, in the Elastic Common Schema (ECS). Endgame’s endpoint product would take that to a whole new level. It has built-in, enriched security data collection capabilities. This data is a gem to store in a powerful search engine like Elasticsearch. With Kibana’s real-time visualization, security users would gain access to a whole new level of analysis to help protect their organizations from attacks.”
Nate Fick, CEO of Endgame, added:
“We’ve built an Endpoint security platform that simplifies security so that all organizations can prevent, detect, and respond to attacks. It’s been wonderful to see the impact our product is having on the organizations using it, from successfully stopping targeted attacks, reducing time to detect attacks, and cutting operational costs. By joining forces with Elastic, we will be able to take our endpoint platform to another level, integrate with their SIEM efforts, and give users everywhere in the world a complete security solution.”
The deal is expected to be finalized in Q3, pending certain regulatory approvals.
Elastic Business Background, Cybersecurity Strategy
Elastic essentially is a data search company moving deeper into security. The company has offices in Mountain View, California and Amsterdam, The Netherlands.
Elastic has been in rapid growth mode. According to Q4 2019 financial results released June 5, 2019:
- Revenue was $80.6 million, up 63 percent from Q4 the previous year.
- Net loss was $34.8 million, larger than a $21.4 million net loss in Q4 the previous year.
- The company has more than 8,100 customers paying for subscription services.
Still, the company’s 2020 forecast disappointed some investors, and shares are down about 4 percent this morning.
SIEM and Endpoint Market Evolution: Funding, Acquisitions
SIEM and endpoint security vendors have announced a range of funding, merger and acquisition deals in recent months.
- SIEM & SOAR cybersecurity specialist Siemplify recently raised $30 million for MSSP partner program expansion. Rivals Sumo Logic & Exabeam also received recent funding.
- On the endpoint security front, SentinelOne raised $120 million.
- SOAR specialist Swimlane raised $23 million.
- And these funding deals and acquisitions also surfaced.