Palo Alto Networks Acquires LightCyber For $105M, Adds Behavioral Attack Detection Capabilities

Palo Alto Networks announced that it had acquired LightCyber for $105 million, adding behavioral attack detection capabilities to its network security platform.

LightCyber's breach-detection and remediation solution is called Active Breach Detection. The company's solution uses behavioral analytics and anomaly detection to gain visibility into advanced and targeted attacks, insider threats, and attacks that have gone around traditional controls.

Palo Alto Networks announced the acquisition, which has already closed, during its second quarter earnings call on Tuesday.

[Related: Q&A: Former FireEye CEO DeWalt On Why He's Joining IoT Security Startups]

Sponsored post

CEO Mark McLaughlin said in a statement that LightCyber's technology would "complement the existing automated threat prevention capabilities of our platform to help organizations not only improve but also scale their security protections to prevent cyber breaches." On the earnings call, McLaughlin said Palo Alto Networks evaluated multiple companies in the behavioral attack detection market, and was "very impressed by the LightCyber offering."

"The LightCyber team's vision to bring automation and machine learning to bear in addressing the very difficult task of identifying otherwise undetected and often very sophisticated attacks inside the network is well-aligned with our platform approach," McLaughlin said in a statement.

On the earnings call, CEO Mark McLaughlin said Palo Alto Networks plans to integrate LightCyber as a non-attached subscription to its security platform, an integration it said it expects to be available by the end of the calendar year. In the meantime, he said it would continue to offer the products independently and support existing customers.

The acquisition is the latest in a slow, steady stream of smaller acquisitions by Palo Alto Networks in recent years. The company acquired Cyvera in 2014 to add endpoint security capabilities and CirroSecure in 2015 to add capabilities for SaaS application security. LightCyber already had a tie to Palo Alto Networks with investments from security investor Shlomo Kramer as part of its last $20 million Series B round in June 2016. Kramer was also an early investor in Palo Alto Networks.

Mark Miller, a partner at Dallas-based M&S Technologies, a Kudelski Security company, said LightCyber has an "interesting product" in the behavioral analytics and anomaly detection market, but sales have been slow to gain traction with his business.

Miller said it makes a lot of sense for Palo Alto Networks to buy, rather than build, a company in this market, as there are multiple companies in the space already. The acquisition will also add engineering talent, he said. He said the acquisition would add a broader sales base for LightCyber as it is incorporated as a subscription on the Palo Alto Networks platform.

"Selling it as an add-on feature or subscription would be the way to go. If they can go back to their current Palo Alto Networks customer base, it should garner sales for them," Miller said.