Palo Alto to buy Checkov creator, Bridgecrew
Palo Alto said it will acquire Bridgecrew, the developer of the static code analysis tool Checkov. DevOps teams use the open source tool to build cloud applications.
Palo Alto Networks has agreed to acquire developer-focused cloud security company Bridgecrew, a move expected to bolster the cloud application security capabilities within Palo Alto's Prisma platform.
Palo Alto announced this week that it will acquire Bridgecrew for $156 million in cash. The company expects to complete the transaction by the end of April. Bridgecrew co-founders Idan Tendler, Barak Schoster and Guy Eisenkot will join Palo Alto after the deal closes.
Bridgecrew focuses on developers who follow the IT practice called infrastructure as code. IaC tools let developers or operations teams automatically manage, monitor and provision infrastructure resources. The tools bypass the manual configuration of discrete hardware devices and operating systems to serve applications.
Bridgecrew's technology lets developers and DevOps teams enforce infrastructure security standards throughout the cloud application development process. The company does so through its open source static code analysis tool Checkov, which scans cloud infrastructure for misconfigurations.
Palo Alto said the number of Checkov downloads topped 1 million last year, the first full year of availability. The company promised to continue investing in the Checkov open source initiative.
Palo Alto plans to integrate Bridgecrew technology into Prisma Cloud, one of four services in the Prisma cloud security suite. The services use rule-based security and machine learning (ML) to secure cloud applications. The suite works with AWS, Microsoft Azure and Google Cloud.
Prisma Cloud provides visibility and compliance monitoring for multi-cloud systems. It also helps to detect vulnerabilities and identify improper IaC configurations.
Bridgecrew is Palo Alto's third acquisition to broaden its cloud security portfolio. In 2019, the company acquired startups Twistlock and PureSec. The former provided cloud-native container security, and the latter a serverless application security platform.
Upcoming Prisma Access 2.0
This week, Palo Alto also introduced an upgrade of Prisma Access, a service used to secure connections to cloud applications. The product includes a cloud management user interface for onboarding branch offices and individuals. It also provisions and secures outbound internet connectivity.
Prisma Access 2.0, available in March, contains ML algorithms that analyze telemetry data to recommend security policies that prevent zero-day attacks. Zero-day refers to software, hardware or firmware flaws unknown to the organization responsible for patching.
Palo Alto added to Prisma Access an explicit proxy that sends requests directly to the Prisma Access secure web gateway. The SWG provides traffic visibility and web filtering.