itestro - Fotolia

Palo Alto Networks to acquire SOAR vendor Demisto

Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation.

Firewall software company Palo Alto Networks, based in Santa Clara, Calif., has entered into a definitive agreement to acquire SOAR vendor Demisto for $560 million.

Palo Alto Networks chairman and CEO Nikesh Arora said the acquisition will help accelerate Palo Alto Networks' Application Framework strategy and improve the effectiveness of security teams that are sorely in need of solutions.

"We cannot solve security by deploying more and more solutions that alert us to potential issues; we need solutions," Arora said during a conference call earlier today. "Demisto is a leader in the evolving space called security orchestration, automation and response. With Demisto we add more security analytics and automation technologies to our platform and can strengthen the security outcomes that we deliver to our 60,000 customers and more."

Demisto's multivendor orchestration capabilities, analytics and automated playbooks will help bring Palo Alto Networks closer to using AI and machine learning and will allow customers to further automate significant parts of their security operations, he said. This in turn will allow them to direct their attention to solving unique and complex threats, he added.

The acquisition of the SOAR vendor will help strengthen Palo Alto Networks' commitment to security teams by delivering a platform that provides higher levels of integration automation, and innovation to prevent successful cyberattacks, he said.

Cybersecurity startup Demisto was founded in 2015 and serves customers worldwide, including companies in healthcare, high-tech and financial services.

With Demisto we see an opportunity to extend our focus and belief around the use of automation as a very critical component of security.
Lee Klarichchief product officer, Palo Alto Networks

Demisto adds to a series of investments Palo Alto Networks has made in the last 12 months designed to strengthen their ability to offer integration solutions to customers, Arora said, and is another step in their journey to change the paradigm of how security is offered -- with a more data-centric approach that relies on AI and machine learning.

"As you look at the continued attention to security across the enterprise and the continued need for security as you start making cloud transitions, there is a lot of pressure on the SOC; ... we felt there is a need for SOC management and integration being provided with the SOC," Arora said. "We felt we needed a backbone to be able to create that integration, automation, using all the data that you can deploy in the Application Framework and hence we went down the acquisition path."

Through the use of analytics and automation, the SOAR vendor market has emerged as a way of helping security operations centers deal with the overwhelming number of alerts that are coming in, said Lee Klarich, chief product officer at Palo Alto Networks.

"With Demisto we see an opportunity to extend our focus and belief around the use of automation as a very critical component of security and leverage [that] on top of the Application Framework [which] allows us to integrate it with the data and the sensors that we have," Klarich said.

Demisto is changing the way incident response teams use automation to manage and stop attacks, Arora said, amassing one of the largest incident response communities in the industry with approximately over 5,000 members. The company's platforms are in more than 200 enterprise integrations with companies such as Microsoft, Amazon, Splunk, Slack and others, he added.

"Demisto's proven technology success coupled with the benefit of Palo Alto Networks' large and growing customer base, well-established sales organization and deep partner relationships will allow us to provide a more comprehensive set of solutions to our customers."

The proposed acquisition is expected to close during Palo Alto Networks' fiscal third quarter.

Dig Deeper on Security operations and management

Enterprise Desktop
Cloud Computing