Israeli Security Companies CrowdStrike Could Buy for $2B6 Israeli Security Companies That Could Be a Good Fit for CrowdStrike
A report from Israeli financial newspaper Globes that CrowdStrike plans to spend $2 billion buying one or more Israeli cybersecurity companies is sending shockwaves through the industry.
See Also: How to Use Risk Scoring to Propel Your Risk-Based Vulnerability Management Program Forward
A $2 billion buy would be the largest in CrowdStrike's 12-year history by several orders of magnitude, quintupling the $400 million the Austin, Texas-based endpoint security behemoth spent in March 2021 to purchase log management startup Humio. It would also be the biggest deal in the entire cybersecurity space since April 12, when private equity giant KKR agreed to pay a reported $4 billion to buy Barracuda.
Motivating the deals, says Globes, is CrowdStrike's desire to stand up a large research and development center in Israel to better compete for the top cybersecurity talent coming out of Israel's intelligence units and security companies. CrowdStrike's top two rivals in the endpoint detection and response market - SentinelOne and Cybereason - were founded in Israel and continue to have a very large presence in the country.
CrowdStrike today has a development center in Israel thanks to its September 2021 purchase of identity security Preempt Security for $96 million, but that center only employs 60 people, according to Globes. In contrast, most of SentinelOne's 300-person development team is based in Israel - making up 30% of the global workforce - while Cybereason had 300 employees based in Israel as of spring 2021.
The Globes report did not name the Israeli company or companies that CrowdStrike is in talks to acquire, and CrowdStrike declined an Information Security Media Group request for comment. Investors are happy to hear CrowdStrike is being aggressive in a down market, sending the company's stock up more than 8% since the Globes report was published Tuesday afternoon.
One thing we do know: Cloud security continues to be a major area of investment for CrowdStrike, with the company this week introducing the industry's first cloud threat hunting service and extending its cloud-native application protection platform to secure containers.
The company is a small but growing player when it comes to cloud security, notching 4.6% market share in 2021, up from just 3.1% a year earlier, according to IDC. CrowdStrike's cloud security business has surpassed Broadcom and Cisco's but lags incumbents Trend Micro, Trellix, Sophos, Palo Alto Networks and Check Point as well as startup Lacework.
For this reason, CrowdStrike might examine inorganic opportunities to further extend its cloud security stack and gain a technological edge over competitors.
Here's a look at three cloud security security startups with a large presence in Israel that could be a good fit for CrowdStrike, plus three other acquisitions the company might make.
Cloud Security Startups
When surveying the cloud security landscape, CrowdStrike will find a highly fragmented but increasingly crowded market, with five startups attempting to build CNAPPs and achieving valuations of greater than $1 billion since the start of 2021. One of the unicorns is Orca Security, which raised $340 million on a $1.8 billion valuation in October to integrate post-breach detection capabilities earlier in the life cycle.
Impressive, but that figure still leaves Orca well short of the valuations notched by other cloud security startups. Orca's founding team has reportedly been open to acquisition offers in the past, with the firm entering into advanced negotiations late last year with top CrowdStrike rival SentinelOne around a $2.5 billion purchase, Calcalist reported. The deal fell apart due to a massive drop in SentinelOne's stock price.
Orca co-founder and CEO Avi Shua poured cold water on the CrowdStrike deal rumors Wednesday, writing on LinkedIn, "I can confirm it's not Orca." Orca didn't respond to an ISMG request for comment on the SentinelOne acquisition talks.
If Orca's not on the market, that leaves its larger and better-capitalized rival Wiz. Less than a week after Orca announced a $1.8 billion valuation, Wiz blew its CNAPP competitor out of the water by landing a $6 billion valuation following a $250 million Series C funding round, making Wiz the fourth-most-valuable venture-backed cybersecurity company in the world.
Wiz's founding team has a track record of successful exits, with the company's founders all previously involved in the establishment of cloud access security broker Adallom, which was sold to Microsoft for $320 million in September 2015. The four co-founders of Adallom then spent nearly four and a half years leading Microsoft's Cloud Security Group before leaving at the beginning of 2020 to start Wiz.
Wiz over the past year has worked to extend its support beyond Amazon Web Services, Microsoft Azure and Google Cloud Platform so that multinational or international customers have more localized options for cloud security. The company has relocated its headquarters from Tel Aviv to New York, but it retains a large presence in Israel.
The company's $6 billion valuation would seem to put it beyond CrowdStrike's budget. But multiples have dropped dramatically since last fall, especially for companies such as Wiz who were evaluated primarily on potential rather than their actual base of annual recurring revenue. Wiz did not immediately respond to an ISMG request for comment.
Aqua Security has largely flown under the radar due to the eye-popping valuations achieved by cloud security startups such as Lacework, Wiz and Orca. But the company has an impressive growth story of its own, closing a $135 million Series E funding round and achieving a $1 billion valuation in March 2021 to enhance its Kubernetes security offering to more effectively address evolving security requirements.
The company was founded in 2015, years before Orca and Wiz were established in 2019 and 2020, respectively. Aqua has grown its headcount modestly since economic storm clouds began to amass, increasing the size of its employee base by 8% since May, in line with Orca's 7% increase over the same timeframe. Both of those lag Wiz, which has grown its headcount by 14% since May, according to LinkedIn.
Aqua a few years ago shifted its headquarters to metro Boston, but it retains a significant presence in Israel. A company spokesperson told ISMG that Aqua is not in discussions with CrowdStrike about an acquisition.
Other Possible Bets
CrowdStrike has grown beyond its origins in endpoint detection and response and incorporated telemetry from other sources, such as cloud and networks, to become a full-fledged extended detection and response provider. Forrester ranked CrowdStrike as a strong performer in its first-ever evaluation of XDR providers in fall 2021, behind only Trend Micro, Microsoft and Palo Alto Networks (see: CrowdStrike, Microsoft, Trend Micro Top EDR Forrester Wave).
But CrowdStrike doesn't have much of a presence today in what's becoming the other dominant security architecture: secure access service edge. That could all change by purchasing Cato Networks, which has products in several SASE categories, including SD-WAN, firewall as a service, secure web gateway, and zero trust network access. Only Palo Alto Networks in a serious player in both the XDR and SASE spaces.
The company's Cato Cloud platform brings together SD-WAN, a global private backbone and a full network security stack to connect physical locations, cloud resources and mobile users. Cato in October raised $200 million on a $2.5 billion valuation, meaning that its market cap would have needed to drop materially in order for CrowdStrike to afford them.
Cato missed out on qualifying for Gartner's first-ever security service edge Magic Quadrant since it lacked a full, generally available set of cloud access security broker controls as of August 2021. A Cato spokesperson declined an ISMG request for comment.
Few were happier to hear of CrowdStrike's Israeli cybersecurity acquisition plans than shareholders of Tel Aviv-based Radware, who sent the company's stock up 3% following the Globes report. The security and application delivery provider has been eyeing strategic alternatives for a while, with CNBC reporting in September that publicly traded Radware was in talks to sell itself to private equity firm Siris Capital.
Radware currently has a valuation of $1.05 billion, putting the company squarely within CrowdStrike's price range. It competes with companies such as Akamai, Cloudflare and F5 to protect corporate websites from targeted denial-of-service attacks by malicious actors.
Approximately 43% of Radware’s workforce is located in Israel, 27% in Asia-Pacific, 20% in the Americas - primarily the United States, and the remaining 11% in Europe, the Middle East and Africa, according to regulatory filings. Radware's headcount increased by less than 2% in 2021 to 1,143 employees despite the booming economy and cybersecurity spend environment, filings stated.
Radware didn't respond to an ISMG request for comment.
Perimeter 81 is the latest member of the unicorn club, completing a $100 million Series C funding round in June on a $1 billion valuation to further the company's disruption of the network security market.
Despite being founded four years ago and employing less than 250 people, Perimeter 81 has made a splash in the zero trust network access market, being named by Forrester as one of five category leaders alongside Palo Alto Networks, Appgate, VMware and Zscaler. Forrester lauded Perimeter 81's cloud-delivered and managed SaaS experience but said it needs to integrate better with enterprise device security.
In recent months, Tel Aviv-based Perimeter 81 has partnered with Microsoft to ensure Azure users have secure, policy-based resource access via zero trust and software-defined perimeter models. Azure users get access to essential networking and security tools in a single platform, providing a one-stop shop for cybersecurity services.
Perimeter 81 didn't immediately respond to an ISMG request for comment.