Tenable to Buy Startup Ermetic for $265M to Safeguard Clouds2nd-Largest Pure-Play Cyber M&A Transaction of 2023 Unites Identity, Cloud Security
Tenable plans to purchase a cloud security startup founded by the longtime leader of Secdo to help security teams make efficient and accurate remediation decisions.
The Baltimore-area exposure management vendor said its proposed acquisition of Boston-based Ermetic will make it easier for security professionals of all cloud expertise levels to spot and quickly address risks. Ermetic's CNAPP and CIEM tools provide clear remediation instructions, meaning teams no longer need cloud security experts to understand where the most urgent risks exist and what to do about them (see: Why Tenable Is Eyeing Security Vendor Ermetic at Up to $350M).
"We will have an opportunity to put additional market-leading cloud security capabilities into the hands of tens of thousands of customers," Tenable Chairman and CEO Amit Yoran said in a statement. "Together, we will be able to deliver a holistic view of the modern attack surface and help organizations reduce exposure and risk, using identity as an essential foundation."
Tenable will pay $265 million for Ermetic, including $240 million in cash and $25 million in restricted stock and RSUs. The acquisition is expected to close early in the fourth quarter and will increase non-GAAP operating expenses by $4 million to $6 million and reduce unlevered free cash flow by $14 million to $16 million. Tenable's stock is unchanged in premarket trading Thursday at $46.03 per share.
2nd-Largest M&A Deal by Pure-Play Security Vendor in 2023
The Ermetic deal was announced 15 months after Tenable completed its $43.8 million acquisition of Santa Clara, California-based Bit Discovery to help organizations discover, attribute and monitor assets on the internet. It's the second-largest transaction carried out by a pure-play security vendor this year - behind only Check Point's $490 million purchase of security service edge vendor Perimeter 81 (see: Check Point to Buy SSE, ZTNA Startup Perimeter 81 for $490M).
Ermetic was established in July 2019, raised $97.3 million in three rounds of outside funding and laid off 30 employees - or 17% of its workforce - in January, according to Calcalist. CEO Shai Morag co-founded and led Secdo - which was bought by Palo Alto Networks for $82.7 million in April 2018 - CBO Arick Goomanovsky co-founded Sygnia, and CTO Michael Dolinsky and CPO Sivan Krigsman were at Microsoft.
"Tenable's massive install base of customers will enable to us introduce more organizations to the benefits of context-aware risk prioritization to solve problems before they manifest," Morag said in a statement.
Ermetic's CNAPP technology automates asset discovery and risk analysis while accelerating remediation and compliance, delivering both infrastructure-as-code security and agent-based and agentless assessments for runtime environments, Tenable said. The company's CIEM tool visualizes all human and service identities and entitlements for the cloud, using automated analysis to reveal and prioritize risk (see: Tenable CEO on Using AI to Spot Exploitable Vulnerabilities).
The company's risk prioritization provides greater context across all cloud and on-premises resources - including workloads, identities and data - and extends visibility across the hybrid, multi-cloud attack surface, according to Tenable. And Ermetic's guidance on and automation of the remediation process enables organizations to make rapid improvements in their security posture, Tenable said.
"This acquisition will dramatically impact our customers' ability to protect their digital estates and prioritize their teams' efforts based on real risk to the business," Tenable CTO Glen Pendley wrote in a blog post Thursday. "Ermetic and Tenable together can help organizations address three of the most difficult challenges in cybersecurity today."
Bringing Identity and Cloud Protection Together
Pendley said Ermetic will help Tenable maintain security despite the cloud's scale and pace of change, manage risk caused by an explosion in the volume of user and machine identities and better understand the modern attack surface. The company's multi-cloud CNAPP tool offers an intuitive user experience and will accelerate Tenable's ability to meet the next generation of security challenges customers face.
"We participated in the birth and growth of two new cloud security categories."
– Shai Morag, co-founder and CEO, Ermetic
Ermetic puts a lot of focus on the unique challenges presented by identities and entitlements in the cloud, which Pendley said is critical to understanding true risk to the business and prioritizing preventive actions accordingly. Finally, Pendley said, Ermetic adds analytical muscle, more contextual relationships and more data to Tenable's platform, providing context to prioritize risk and simplify remediation.
"From our first meeting, it was clear that the Tenable team shared our conviction that identity is the most critical attack surface in cloud native applications, and the most important one to address," Morag wrote in a blog post. "From incident to incident, we've seen that identity is always a major factor - in no small part because cloud identities and entitlements are so difficult to untangle and secure."
Together, Morag said, Tenable and Ermetic will deliver comprehensive context beyond the public cloud, resulting in a powerful tool for both cloud-native and hybrid environments. With both cloud platforms and the threat landscape evolving, Morag said Tenable and Ermetic can synthesize data and insights from across the enterprise to provide a level of visibility and risk mitigation that no vendor can match.
"The past four years have been an unusual time from every perspective," Morag wrote in the blog post. "We witnessed a massive wave of cloud migration, alongside major economic swings. We participated in the birth and growth of two new cloud security categories. It's been an amazing ride, and I've learned a great deal along the way."
Tenable hasn't been shy about conducting deals to widen its technological footprint. Just four months before the Bit Discovery deal, Tenable bought Cymptom for $23 million to routinely test and evaluate threats according to the MITRE ATT&CK framework. In fall 2021, Tenable bought cloud security startup Accurics for $160 million to remediate policy violations and breach paths before infrastructure is provisioned (see: Tenable to Buy Bit Discovery to Find More Vulnerable Assets).
Seven months earlier, Tenable purchased cybersecurity startup Alsid for $98 million to help customers find and fix security weaknesses in Microsoft's Active Directory in real time. And in winter 2019, Tenable bought cyber industrial startup Indegy for $78 million to provide visibility, protection and control across operational technology environments.