Tenable, a network security management company, has announced its plans to acquire Ermetic Ltd., an Israeli cloud security startup, for approximately $240 million in cash and $25 million in restricted stock, subject to price adjustments. This strategic acquisition will strengthen Tenable’s capabilities in cloud security and entitlement management.
Ermetic, founded in 2019, has emerged as a leader in the cloud infrastructure entitlement and identity-centric cloud security platform market. The company offers an integrated cloud-native application protection platform, enabling organizations to automate risk analysis, understand user entitlements, prioritize risks, and facilitate automated remediation. This technology is crucial in securing cloud data and managing network security effectively.
Ermetic’s platform simplifies monitoring and addressing potential cloud security vulnerabilities by providing a central control dashboard that unifies security capabilities and access management. For instance, it can track and manage access privileges for sensitive cloud resources, enhancing security and reducing exposure to risks.
One of Ermetic’s recent innovations is CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, and tools in a sandbox environment. This tool empowers security teams to set up and simulate “risk scenarios” to evaluate the effectiveness of cloud-native application protection platforms and tools.
Tenable plans to integrate Ermetic’s capabilities into Tenable One, its unified exposure management platform, providing organizations with comprehensive visibility into their attack surface and associated vulnerabilities. Tenable One identifies assets across various environments, including on-premises and cloud, and aggregates vulnerability data, enabling security teams to proactively address threats and vulnerabilities.
Amit Yoran, Chairman and CEO of Tenable, highlighted the potential of this acquisition to provide a holistic view of the modern attack surface and enhance organizations’ risk management by leveraging identity as a foundational element.
The deal is expected to close in the early fourth quarter of 2023, pending customary conditions outlined in the agreement. This acquisition marks Tenable’s sixth since its initial public offering in 2018, demonstrating its commitment to expanding its cybersecurity offerings and addressing the evolving threat landscape.
Tenable continues to invest in advanced security solutions and capabilities, positioning itself as a key player in the cybersecurity industry, particularly in cloud security and exposure management.