10 Cybersecurity Companies Making Moves: July 2023
We’re taking a look at some of the cybersecurity companies that launched new products and partner programs, unveiled acquisitions or made key executive hires in July.
Hot Market, Big Moves
Since hackers don’t take summers off, neither can the cybersecurity companies developing technology to defeat them. (Or at least make their lives harder.) July was a busy month on both the attacker side of the equation—including with a growing list of victims facing extortion demands over the MOVEit cyberattacks—as well as on the defender side, with numerous security vendors making notable moves. The major announcements in July included product launches from top cybersecurity companies such as Palo Alto Networks, Fortinet and Netskope.
Other big moves last month included another cybersecurity startup acquisition for Cisco Systems, as the company looks to continue building out its Security Cloud platform, along with executive hires and new channel partner program launches by several companies.
Meanwhile, one of the most consequential moves for the cybersecurity world in July came outside the industry, with the U.S. Securities and Exchange Commission adopting a pair of much-awaited cyber incident disclosure regulations.
The first new SEC rule requires publicly traded companies to disclose cyberattacks in an 8-K filing within four business days of determining an incident is “material” for its shareholders. With the second new SEC rule, public companies must annually disclose information on their management and strategy around cybersecurity risk. Notably, this rule includes a new obligation to describe the role of its board in overseeing cybersecurity threats.
While certain industries are already subject to strict government cyber requirements, the SEC’s oversight of all publicly traded companies makes the new rules the “most widespread regulation” for cybersecurity to date in the U.S., PricewaterhouseCoopers partner Joe Nocera told CRN.
The new regulations are likely to bring significant implications to the cybersecurity industry, as the rules provide another powerful incentive for companies to take security more seriously, Tenable CEO Amit Yoran said in an interview with CRN. “It gets people’s attention—it gets the CEO’s attention, the CFO’s attention, the general counsel’s attention, the board’s attention,” Yoran said.
“When there’s [regulatory] filings involved—and it impacts investors and their engagement with the SEC—then corporate leadership just pays that much more attention. And that means they ask questions about it,” he said. “And when they ask questions about it, they just start pulling on a thread of yarn that causes action.”
While some companies already engage in this way with cybersecurity, “I’d say it is not pervasive,” Yoran said. “Not every CEO, not every audit and risk committee, not every board of directors pays the kind of attention to cybersecurity that they should. But having this connective tissue to public filings and 8-Ks and disclosures will necessitate better engagement between security professionals and corporate leadership. So I think it’s hugely impactful.”
As for the cybersecurity industry’s own moves in July, a number of the them revolved around areas of growing interest to corporate leaders and regulators alike, such as data security, incident response and software supply chain security.
What follows are the key details on 10 cybersecurity companies that made big moves in July 2023.
In July, Netskope announced a set of new AI/ML capabilities—available across the products that make up its SASE platform—focused around offering improved data protection and threat detection. The new SkopeAI capabilities include “deep” contextual awareness for improved DLP (data loss prevention) across both structured and unstructured data, along with ML-powered data classification and “train your own classifiers” technology to enable the automatic identification and categorization of new data. In addition, SkopeAI provides AI-based threat protection that can rapidly detect and defend against a variety of threats—including AI-generated threats, polymorphic malware, phishing domains and zero-day attacks, according to Netskope. Key uses for the SkopeAI technology include protecting against malicious uses of generative AI apps such as ChatGPT, the company said.
Also in July, Netskope unveiled a new MSP program that serves as an “extension” of the company’s Evolve Partner Program, and offers a new “as-a-service business model framework,” the vendor said in a news release. Netskope co-founder and CEO Sanjay Beri (pictured) said in a recent interview with CRN that the company is “amping up our enablement” of partners.
Darktrace in July unveiled a new product, Heal, that leverages AI to assist with cyber incident response. The product “completes Darktrace’s Cyber AI Loop” by adding a recovery offering to its portfolio that already includes tools for threat prevention, detection and response, the company said.
Darktrace Heal includes capabilities to simulate real-world cyber incidents within customer environments, allowing security teams to better prepare for complex attacks and practice their responses, according to the company. The product also enables the creation of custom incident response plans based on an unfolding attack, utilizing details of the environment and attack as well as insight from prior simulations. Darktrace said.
Forcepoint and its private equity owner, Francisco Partners, unveiled a deal to sell its government and critical infrastructure business to TPG in a move to position the business as a “leader” in zero trust security. Financial terms of the deal were not disclosed, but multiple reports pegged the acquisition price at $2.45 billion.
The acquisition will separate Forcepoint’s government and critical infrastructure business from its commercial business, the company said. Forcepoint’s commercial business is focused on offering a “data-first” SASE platform, which aims to provide “better control over how people get to business applications and use sensitive data” than competing SASE offerings, the company has said. The Forcepoint commercial business will remain under the ownership of Francisco Partners.
Threat intelligence data firm Cybersixgill in July unveiled the launch of its global MSSP program, which provides MSSPs with expert assistance as well as advanced tools to accelerate their use of threat intelligence. Cybersixgill said that key capabilities include a multitenant, SaaS-based investigative portal with “Google-like” search and filtering capabilities. Other capabilities include “prioritized” alerts that are customizable and simplified case management. About one-third of Cybersixgill’s current customers are MSSPs, and the company understands that MSSPs face “growing pressure from their customers to deliver superior, proactive security to protect them from cyberattacks,” said Eric Krauss, vice president of worldwide channels for Cybersixgill, in a news release.
Cisco announced in July it plans to add another startup’s technology to its security portfolio with its agreement to acquire identity threat detection and response startup Oort. Once combined, Oort’s identity-centric technology will enhance user context telemetry for Cisco’s Security Cloud platform, Cisco said. The companies did not disclose the terms of the deal.
The tech giant has been a strategic investor in Oort since 2022. Oort was founded by Cisco alumni Matt Caulfield, an entrepreneur and former Cisco engineer for 10 years who has a background in cloud, networking and data.
Oort’s identity-centric technology will be incorporated into the Cisco Security Cloud platform, including within Cisco’s Duo identity access management technology and extended detection and response portfolios, according to Raj Chopra, senior vice president and chief product officer for Cisco Security.
Cisco has unveiled agreements to acquire four security-related startups in 2023 so far, with Oort joining a list that includes Lightspin, Valtix and Armorblox.
Palo Alto Networks
In late July, Palo Alto Networks unveiled the introduction of a CI/CD Security module to its Prisma Cloud CNAPP (cloud native application protection platform). The new capability—based on technology from the acquisition of Cider Security in late 2022—will provide partners and customers with “integrated software delivery pipeline security,” the cybersecurity giant said in a news release.
One key benefit of the CI/CD Security module is that it offers unified visibility “across the engineering ecosystem,” including code repositories and contributors as well as any technologies and pipelines that are utilized, the company said in a blog post. The visibility is available through the newly added Application Security dashboard in Prisma Cloud.
Other benefits include enhanced protection against the 10 biggest CI/CD risks—as determined by the Open Worldwide Application Security Project—as well as posture management capabilities for delivery pipelines and attack path analysis, Palo Alto Networks said. Attack path analysis is available through the new Prisma Cloud Application Graph and enables improved understanding and analysis of the environment as well as “relationships between all artifacts from code to deployment,” the company said in the post.
Island, a startup that offers a security-focused web browser for businesses, said in July it has hired cybersecurity industry veteran Steve Tchejeyan (pictured) to serve as its president. Tchejeyan had most recently been CRO at Forescout Technologies. Earlier in his career, he worked in sales leadership and executive roles at security vendors including Symantec, Blue Coat Systems and Intel Security.
The appointment followed Island’s hire earlier this year of another executive from Forescout, Keith Weatherford, as its vice president of worldwide channel sales.
Island, which was founded by two ex-Symantec executives, has raised more than $250 million in funding and has been valued at $1.3 billion by its investors.
Imperva said in July it has reached an agreement to be acquired by defense and aerospace company Thales for $3.6 billion. The application and data security vendor is being sold by its private equity owner, Thoma Bravo.
In a news release, Thales said that it will add about $500 million in revenue and “significantly expand its data and application security offering” with the addition of Imperva. The acquisition is expected to close “by the beginning of 2024,” Thales said.
A longtime player in application security categories such as web application firewall and DDoS protection, Imperva has expanded in recent years into emerging segments of the market, such as API security, while also bringing a growing focus on other related categories such as data security.
In July, Fortinet said it is “deepening its commitment to data center security” with the introduction of two new FortiGate NGFW (next-generation firewall) devices. The new firewalls include the FortiGate 3200F, which is “purpose-built” for hyperscale data center facilities with a massive 380 Gbps of throughput as well as 400GE interfaces that are aimed at management of high-traffic volumes, according to Fortinet. The second new firewall, the FortiGate 900G, provides 20 Gbps of throughput and offers a “compact form factor for the enterprise,” the company said.
In July, Uptycs hired veteran cybersecurity leader Kevin Paige (pictured) as its CISO and vice president of product strategy. Paige had most recently been the CISO at supply chain management firm Flexport, and earlier in his career held security leadership positions at tech companies including Salesforce and MuleSoft. Prior to the hire, Paige had been a “three-time Uptycs customer,” the vendor said in a news release. Uptycs—which says it offers the “first” platform that unifies CNAPP (cloud native application protection platform) and XDR (extended detection and response) capabilities—is “extraordinary in its ability to help security teams leverage their security data,” Paige said in a news release.