The Expert's View with Michael Novinson

Application Security , Next-Generation Technologies & Secure Development

Why Palo Alto Networks Now Wants Cider Security, Not Apiiro

Palo Alto in Talks to Buy Cider for $200M, Walks Away From $600M Apiiro Deal
Why Palo Alto Networks Now Wants Cider Security, Not Apiiro

Palo Alto Networks has scaled back its M&A ambitions, walking away from a $600 million deal for Apiiro in favor of a $200 million purchase of Cider Security, Calcalist reported.

See Also: Breaking Free from VPN Limitations: Simplifying Remote Access Security

The Silicon Valley-based platform security behemoth in recent days abandoned its negotiations with Apiiro after the two sides remained far apart on an appropriate valuation for the New York-based code risk platform provider, according to Calcalist. Apiiro has instead opted to raise a significant sum from a venture capital fund, said Calcalist, which first reported the Palo Alto-Apiiro acquisition talks last month (see: Why Would Palo Alto Networks Want Startup Apiiro for $600M?).

Palo Alto Networks has instead set its sights on Tel Aviv-based Cider Security, which focuses on securing engineering processes and systems from code to deployment, Calcalist reported Thursday. The two sides are in active negotiations, Calcalist reported, and the cost of the buy is expected to be around $200 million. Palo Alto Networks and Apiiro declined to comment, while Cider Security didn't respond to inquiries.

How Cider Built a Growing Business

Cider Security was founded in December 2020 and emerged from stealth in March 2022 with a $38 million Series A funding round led by Tiger Global Management. Today, Cider Security employs 107 people and helps optimize an organization's CI/CD security based on a set of prioritized risks and recommendations tailored to its environment. Cider customers include Perception Point and insurance vendor Lemonade.

The company is led by its co-founder Guy Fletcher, who previously spent three years spearheading the security and privacy program at mobile attribution and analytics vendor AppsFlyer. Co-founder and CTO Daniel Krivelevich previously spent four years at cyber consulting and IR vendor Sygnia, where he led the application and cloud security teams. The two met in late 2014 at conversational AI vendor LivePerson.

Since emerging from stealth, Cider Security has brought in Snir Ben Shimol - who built Varonis' security practice from the ground up - to serve as chief strategy officer and ShiftLeft sales leader Carl Elsinger to serve a similar role at Cider, where he'll focus on growing the company's global sales operations and serving new enterprise customers. Cider's platform debuted earlier this month on the AWS Marketplace.

Why Cider Is Cheaper Than Apiiro

Cider Security's more modest price tag likely stems from it bringing less maturity and breadth to the table than Apiiro. Apiiro emerged from stealth 17 months earlier than Cider Security and won RSA Conference's prestigious Innovation Sandbox Contest four months before Cider even had its first paying customer.

And while Cider has focused on developing a single, unified platform for end-to-end CI/CD security, Apiiro already has eight products addressing everything from application and cloud security to software supply chain security. Investors like to see startups continuously introducing new products since it allows the company to expand its total addressable market and increase its wallet share with existing customers.

Apiiro's leaders also have a track record of engineering a profitable exit for investors. Co-founder and CEO Idan Plotnik previously established and sold user and entity behavior analytics pioneer Aorato to Microsoft in November 2014, where he remained for another 2.5 years leading the software giant's advanced threat analytics practice.

Where Cider Fits Within Palo Alto

Cider Security plays in a similar space as Bridgecrew, which Palo Alto Networks bought for $156 million in February 2021 in the company's last significant acquisition. Bridgecrew focuses on giving developers and DevOps teams a systematic way to enforce infrastructure security standards throughout the development life cycle.

The company's technology today operates within the Palo Alto Networks Prisma Cloud portfolio, and the firm's open-source Checkov tool powers Prisma Cloud's infrastructure-as-a-code security product. Similarly, Cider Security assesses the posture of a firm's engineering systems and processes to see how it would fare in realistic attack scenarios and identify controls needed to reduce its CI/CD attack surface.

Cider would likely follow in Bridgecrew's footsteps and become part of Palo Alto's fast-growing Prisma Cloud practice, which secures hybrid and multi-cloud environments across the development life cycle from code to runtime. Palo Alto Networks is the fourth-largest player in the fragmented cloud workload security market, notching 5.8% market share in 2021, up slightly from 5.6% a year earlier, IDC found.

How Palo Alto's Approach to M&A Has Changed

Palo Alto Networks has been on a 20-month dry spell when it comes to major acquisitions dating back to the company's purchase of Bridgecrew. That's a far cry from early 2018 to early 2021 when Palo Alto spent $3.46 billion on 12 deals during Nikesh Arora's first few years as CEO. Palo Alto bought everything from attack surface management vendor Expanse to SOAR firm Demisto and SD-WAN player CloudGenix.

Arora told investors in August 2021 and reiterated this August that Palo Alto Networks doesn't plan to pursue any major acquisitions since the company already has a product in virtually every category where it wishes to play.

"The public market has rationalized; the private markets probably haven't yet," Arora told investors Aug. 22. "It's a bit like real estate, and people remember what the neighbor's house sold at and kind of forget what their house is worth. So until people realize the true value of their house, it's going to be a while longer before acquisitions come into the security market again."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.