Palo Alto Networks Acquires AppSec Startup Cider Security; XSIAM Gains Traction
Palo Alto Networks is acquiring Cider Security, a startup software company focused on application security (AppSec) and software supply chain security. The deal, valued at $195 million, is expected to close before February 2023. In addition to the acquisition, Palo Alto Networks CEO Nikesh Arora (pictured above) also touted the company’s continued financial momentum, along with early XSIAM partner and customer traction.
The Palo Alto Networks-Cider Security announcement is technology M&A deal number 962 that MSSP Alert and sister site ChannelE2E have covered so far in 2022.
Rumors about Palo Alto Networks potentially acquiring Cider Security had swirled since around October 2022 (see item A1 here).
Application Security, Supply Chain Security: Cider Business Background
Cider Security, founded in late 2020, is based in Tel Aviv, Israel. The company has 94 employees listed on LinkedIn. Co-founders Guy Flechter and Daniel Krivelevich previously held key posts at LivePerson.
Cider Security in March 2022 raised $38 million in Series A funding led by Tiger Global Management. At the time, Cider’s AppSec software was “already in use with dozens of global companies” — though the security company did not disclose any revenue figures associated with those deployments.
Cider Security’s technology will align with Palo Alto Networks’ Prisma Cloud as part of a supply chain security solution and code-to-cloud security platform, the buyer said.
Palo Alto Networks Acquires Cider Security: Executive Perspectives
In a prepared statement about the deal, Lee Klarich, chief product officer for Palo Alto Networks, said:
“Any organization using public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet, they have limited visibility to their configuration or if they are secured. Cider has made it possible to connect into infrastructure, analyze the tools, and identify the risks, as well as how to remediate them. We are acquiring Cider for their innovation that will help enable Prisma Cloud to provide this capability that anyone doing cloud operations has to have.”
Added Guy Flechter, CEO at Cider Security:
“We designed an AppSec platform that allows engineering to continue to move fast, without making compromises on security. It’s only fitting that we join Palo Alto Networks, a company built upon landmark cybersecurity ‘firsts’. There couldn’t be a better fit for Cider. By scanning and securing the CI/CD pipeline, we can help identify where there may be vulnerabilities in your code. Prisma Cloud will now be the ultimate solution for code to cloud security.”
Palo Alto Networks has maintained steady M&A activity. Noteworthy acquisitions include:
- February 2021: Bridgecrew for cloud security posture management (CSPM).
- November 2020: Expanse for attack surface management technology.
- August 2020: The Crypsis Group for incident response, risk management and digital forensics.
Palo Alto Networks: Financial Performance
Meanwhile, Palo Alto Networks also disclosed Q1 financial results for fiscal 2023. Among the metrics to note:
- Revenue was $1.6 billion, up 25% compared to the corresponding quarter last year.
- Net income of $20 million, compared to a net loss of $103.6 million.
The figures generally beat Wall Street’s expectations. Moreover, the security company raised its financial forecast for the current fiscal year — which suggests certain security market leaders continue to overcome economic and recession concerns.
Autonomous Security: Early XSIAM Partner and Customer Momentum
On the partner front, Palo Alto Networks continues to tout autonomous security operations opportunities. The effort involves XSIAM — which is short for Extended Security Intelligence & Automation Management.
Palo Alto Networks positions XSIAM, which is now generally available, to disrupt the traditional SIEM (Security Information and Event Management) market. Describing XSIAM partner and customer momentum, CEO Nikesh Arora (pictured, top) said:
“Most recently, we’ve had two multimillion-dollar commitments from XSIAM design partners as they expanded into production deployments. At this point, the majority of our design customers have transitioned to paying customers. In fact, we are carefully managing how we onboard future XSIAM customers because we want to ensure fast customer time to value. Our interest list is north of 50 customers, who would like us to deploy XSIAM. We’re qualifying them and carefully onboarding them so that we can scale the business appropriately and give them value.”
The comments surfaced during the Palo Alto Networks earnings call on November 18, 2022.