Tenable Inc. has agreed to obtain cloud-native security startup Accurics Inc. for $a hundred and sixty million in dollars.
The settlement, which was declared Monday, will expand the vulnerability management’s system into securing the cloud with infrastructure as code (IaC) choices. Founded in 2019, Accurics aims to support enterprises and security teams by codifying security throughout the progress lifecycle. As section of that objective, the seller, which is centered in Pleasanton, Calif., and has fewer than 100 staff members, created Terrascan, an open resource resource for DevOps that contributes to cloud IaC procedures.
Piyush Sharrma, co-founder and CEO at Accurics, reported that with Tenable, they will pioneer a new approach to present day possibility management. That contains proactive identification, prioritization and remediation of computer software flaws ahead of deployment in cloud-native and hybrid environments.
The offer is envisioned to close late in the third quarter or early in the fourth quarter of 2021.
Glen Pendley, Tenable’s deputy CTO, reported the acquisition will be Tenable’s first growth into securing IaC, which has found a rise in popularity recently.
“To aid this motion, cybersecurity demands to innovate with Protection as Code,” Pendley wrote in an electronic mail to SearchSecurity. “By holistic evaluation, we are referring to supplying visibility into flaws in cloud methods ahead of, throughout and right after deployment throughout their whole lifecycle.”
Monitoring for vulnerabilities in the cloud can be tough. 1 problem comes with the IaC templates. Doug Cahill, vice president and team director of cybersecurity at Company Tactic Group (ESG), a division of TechTarget, reported present day, cloud-native applications are increasingly described in a declarative fashion by way of IaC templates. Even so, these templates can result in misconfigurations becoming inadvertently released into generation environments generating exploitable assault paths.
“As these kinds of, scanning IaC templates pre-deployment aids prevent vulnerable configurations from becoming deployed, a DevSecOps use situation 48% of ESG research respondents intend to employ around the up coming 12-24 months,” Cahill wrote in an electronic mail to SearchSecurity. “Tenable’s acquisition of Accurics extends the firm’s approach to vulnerability management to the pre-deployment stage as very well as to configurations.”
Jon Oltsik, senior principal analyst at ESG, reported the move is an additional step towards Tenable’s try to give comprehensive protection across possibility identification and mitigation. Whilst typically, Tenable’s vulnerability management addresses actual physical and digital infrastructure, it is really made a few investments to lengthen this protection to the cloud and containers.
For illustration, Tenable acquired Alsid in April for just underneath $100 million in order to safe Energetic Directory environments. In 2019, Tenable acquired operational technological innovation seller Indegy, which led to an integration for cloud-centered vulnerability management.
“Finally, Tenable desires to give corporations with a dashboard that not only provides visibility of property and risks, but also aids quantify possibility and advise possibility mitigation priorities. Tenable is prepared to devote in spots to make this vision a reality,” Oltsik reported in an electronic mail to SearchSecurity.