Oracle Doubles Down On Security With Plan To Buy Network, Application Security Startup Zenedge

Oracle plans to boost the application and network protection around its cloud services by purchasing security startup Zenedge.

The Redwood Shores, Calif.-based software vendor said its acquisition of Aventura, Fl.-based Zenedge would make it easier for enterprises to adopt cloud services without compromising performance, cost, control or security. Zenedge's web application firewall and DDoS mitigation products help customers secure their applications, networks, databases and APIs from malicious internet traffic, Oracle said.

"The combination with Zenedge equips Oracle Cloud Infrastructure with integrated, next-generation network and infrastructure security to address modern security threats,’ Don Johnson, Oracle's senior vice president of product development, said in a statement.

[Related: Oracle Bets Big On Cloud With Data Center Buildout]

Oracle has needed to quickly mature and fill gaps in its cloud offering to catch up with vendors such as AWS that had a head start, according to Abdul Sheikh, CTO of New York-based Oracle partner Cintra. Not being first has its perks, though, Sheikh said, since Oracle has the luxury of stepping back, seeing the entire marketplace, and figuring out what moves would unlock the most next-generation capabilities.

WAF and DDoS are two fundamental security features required in the cloud, and Sheikh said Oracle's lack of maturity in that space before the Zenedge deal was a clear deficiency when customers were making comparisons to AWS.

But in one fell swoop, Sheikh said Oracle not only gained robust WAF and DDoS capabilities but also managed to surpass AWS from a capabilities perspective thanks to Zenedge's next-generation artificial intelligence features.

"While Oracle is playing catch up, they're catching up by leaps and bounds versus first-generation clouds," Sheikh said.

Terms of the deal weren't disclosed, and Oracle declined to comment further. Oracle's stock is up $0.60 (1.21%) to $50.06 in trading Thursday, with the acquisition announced before the opening of the market.

Zenedge was founded in 2014, and employs 72 people, and raised $13.7 million through three rounds of venture capital funding, according to LinkedIn and CrunchBase. The company's web application firewall (WAF) and DDoS mitigation products reduce illicit website traffic by 99 percent and improve page load times by 99.75 percent, according to Zenedge CEO Yuri Frayman.

’We could not be more enthusiastic about joining forces with the leader in enterprise-grade cloud infrastructure, and delivering similar results to even more customers at scale,’ Frayman said in a statement.

Oracle plans to continue investing in Zenedge's cloud infrastructure services following the close of the acquisition, which the company said should result in more functionality and capabilities at a quicker pace. Zenedge customers will also benefit from better integration and alignment with Oracle’s other product offerings, Oracle said.

Zenedge partners should continue to use their existing Zenedge contacts to address immediate and ongoing needs, Oracle said. The company works with VARs, MSSPs, hosting providers, and ISVs, and counts Deloitte, nSource and Contego among its base of partners.

The company can respond to issues rapidly thanks to its around-the-clock security operations center (SOC), rapid provisioning and application-specific policies, and use of artificial intelligence to continuously adapt to evolving threats.

From a compliance perspective, Oracle said Zenedge offers a single, interactive control center, pre-built rule-sets extended by adaptive automation, and integrations into SIEM and security reporting. Zenedge's infrastructure is also scalable, Oracle said, with a globally-deployed network, worldwide traffic scrubbing centers, and a programmatic API interface for global propagation.

In addition to its WAF and DDoS mitigation products, Oracle said Zenedge also offers malicious bot detection and mitigation, advanced API security, and attack payload detection for file uploads to combat malware.