Well, here’s an interesting piece of funding and M&A news – a coming together of two different vendors and a chest full of look for the pair of them.
SecureAuth is a vendor in the enterprise security space. They cover off a range of different tasks including identity and access security, endpoint, network, and threat detection. For their part, Core Security is in the security analytics space. They provide a variety of threat-aware, identity & access, network security, and vulnerability management solutions.
Better together?
The idea of this merger (which, I have to add, is awaiting approval from Federal agencies) is that security operations and identity and access management (IAM) are two sides of the same coin. Increasingly, IAM platforms have to rely on advanced security tools to provide visibility and control over access. Whereas in the past a rules-based approach towards IAM would suffice, today the bad actors are more creative and correspondingly creative solutions are needed.
And while standalone security platforms still deliver lots of utility, given that many of these will be deployed to provide cover over an IAM solution, bringing the two worlds together makes sense. The newly merged company will have a significantly bigger footprint, with a combined 1,500 customers, 360 employees and a globally distributed location base.
IDC analyst Frank Dickson rams home the need for more advanced threat detection and security coverage, opining that:
The 2017 cybersecurity reality is that the task of guarding our cyber assets is increasingly difficult. The sophistication of cyber miscreants is growing rapidly. It is safe to consider the impenetrable network perimeter officially dead, as our data, applications and our devices cannot predictably be found in the networks that reside behind perimeters. Security tools proliferated and qualified information security professionals are scarce. The only way to escape the continual cat-and-mouse game is to approach the problem differently, fundamentally redefining the approach.
By bringing together network, endpoint, vulnerability, and identity security, SecureAuth and Core Security suggest that they will offer the industry’s first identity-based security automation platform. Obviously, many of their competitors would argue with that assertion but, to be honest, the “who is first?” question is less important than the utility that a combined offering like this brings. Riffing on those synergies, Jeff Kukowski, CEO of the newly combined company, said that:
The security industry must deliver an integrated and relevant approach to our customers. Despite the incredible amount of money spent on security technology, front-line security professionals in the most sophisticated Security Operations Centers (SOC) are challenged in managing and visualizing the full attack surface. Including identity information into the threat landscape alongside traditional network, endpoint, and vulnerability information substantially reduces threat discovery and response time. We are protecting over 50 million people today with identity security solutions and monitoring network activity on over 750 million devices worldwide, and we can now deliver an entirely new approach to integrating security operations and deploying advanced machine learning to achieve real automation in the SOC.
Alongside the merger, SecureAuth is announcing a new $200 million investment round.
MyPOV
Well, we didn’t see this one coming, but the merger probably makes sense. The combined platform, alongside the not insignificant inflow of investment cash, will give the new company the ability to be heard above the noise of their many competitors. From a technology perspective, the idea of a combination of IAM and security makes sense and it will be interesting to see how the integration between the two businesses, and their respective products, goes.
