Trend Micro aims to maintain its leadership position in cloud security over Palo Alto Networks through the US$70 million purchase of cybersecurity startup Cloud Conformity.
The Tokyo-based platform security giant said its acquisition of the 50-person cloud security posture management company will help Trend Micro address misconfigurations and unprotected user accounts in the public cloud space, according to Chief Operating Officer Kevin Simzer. The deal comes a year after Palo Alto Networks acquired top Cloud Conformity competitor RedLock for US$173 million.
“We’ve got so much stuff unfolding around hybrid cloud,” Simzer told CRN USA. “Everybody will be coming after us from a cloud competition standpoint, because we’re the ones to beat. We’re got the number one spot today, and we aim to keep it.”
Trend Micro’s hybrid cloud security practice - of which Cloud Conformity will become a part - accounts for a quarter of the company’s nearly US$1 billion in annual sales, according to Simzer. Palo Alto Networks, meanwhile, said that its Prisma cloud security practice and Cortex security operations practice contributed US$452 million of billings in the company’s most recent fiscal year, which ended 31 July.
But Simzer said some of the products Palo Alto Networks considers to be cloud security are actually just physical appliances that utilize a Software-as-a-Service-based console. Trend Micro would just consider those to be SaaS offerings, Simzer said, reserving the cloud security moniker for tools that genuinely protect workloads, containers, or serverless applications in the cloud.
“When you’re a US$3 billion company like Palo Alto that sells physical appliances and you’re trying to recast yourselves as a cloud company, you’re gonna friggin’ find everything that you can and say it’s cloud,” Simzer said. “I can’t compare it [our cloud security business] to their number, because their number is fictional.”
Palo Alto Networks declined to comment for this story.
Cloud security posture management has quickly emerged as a way for customers to ensure that consistent policies and procedures are being applied across all user accounts on public cloud platforms, Simzer said. Once the Cloud Conformity tool identifies unprotected user accounts, Simzer said Trend Micro can turn to its deep security for hybrid cloud portfolio to put protection controls in place.
Cloud Conformity was founded four years ago, employs 50 people, and currently protects AWS workloads for 125 customers, Simzer said. The company was founded in Sydney, Australia, and recognized as AWS’s 2019 Technology Partner of the Year for Australia and New Zealand.
Cloud Conformity is already being sold through the AWS marketplace, and is commercially available from Trend Micro immediately after the acquisition closes. A beta version of the Cloud Conformity offering for Microsoft Azure has been available for the past month, Simzer said, and mere weeks of development effort remain to support Cloud Conformity on Google.
The company initially made its product available only on AWS given the sheer number of customers served on the platform, Simzer said. But the Cloud Conformity architecture is designed to work seamlessly across all three public cloud platforms, according to Simzer.
All Cloud Conformity employees will join Trend Micro in their current roles, Simzer said. The majority of the company’s personnel are in research and development, Simzer said, while the Cloud Conformity salespeople will be integrated into the broader Trend Micro sales organisation.
The Cloud Conformity acquisition is Trend Micro’s first transaction since November 2017, when the company bought web application vendor Immunio.