Elastic, which provides the Limitless extended detection and response (XDR) platform, has purchased authorization policy management company build.security for an undisclosed sum. The company expects to finalize the acquisition in its fiscal second quarter of 2022, according to a prepared statement.

This is technology M&A deal number 527 that MSSP Alert and ChannelE2E have covered so far in 2021. See all technology M&A deals for 2021 and 2020 listed here.

The acquisition will enable Elastic's customers to use build.security's technology with Limitless XDR to prevent, detect and respond to threats in real time across cloud environments, the companies said. These customers also will be able to leverage build.security's technology to validate their security posture against Center for Internet Security (CIS) benchmarks and other standards.

In addition, Elastic and build.security intend to build a Kubernetes integration that promotes cloud application security and compliance, the companies stated. This integration will allow Elastic customers to leverage build.security's technology to incorporate cloud security capabilities into their applications early in the development process.

Limitless XDR blends security information and event management (SIEM) and endpoint security capabilities, Elastic stated. It allows users to ingest and retain large volumes of data from multiple sources and hunt for threats.

Furthermore, Limitless XDR provides users with threat visibility, Elastic said. It also offers security analytics and automates threat remediation and prevention.

A Closer Look at Build.Security's Authorization Policy Management Platform

Developers can use build.security's platform to incorporate authorization capabilities into their applications, the company noted.

The platform leverages Open Policy Agent (OPA), an open source, general-purpose policy engine that provides context-aware policy enforcement, build.security indicated. It provides developers with the ability to simultaneously generate and manage best-practice authorization controls across their cloud applications and guard against security vulnerabilities.