CrowdStrike (NASDAQ: CRWD) announced a deal to acquire Adaptive Shield, a supplier of SaaS Security. After this deal closes, CrowdStrike aims to offer unified, end-to-end defense against identity-based attacks from a single, unified platform across the whole cloud ecosystem, including cloud-based identity providers, on-premises Active Directory, and SaaS apps.
CrowdStrike is a global leader in cybersecurity, offering an advanced cloud-native platform designed to protect crucial areas of enterprise risk, such as endpoints, cloud workloads, identities, and data. The CrowdStrike Falcon® platform is powered by the CrowdStrike Security Cloud and artificial intelligence. The solution utilizes real-time indicators of attacks, threat intelligence, evolving adversary tactics, and enriched telemetry from across the enterprise. This enables it to provide effective threat detection, automated protection, and remediation.
Transaction Details
The purchase price was not disclosed. It is expected to be paid mostly in cash and includes a stock component subject to vesting restrictions. Subject to standard closing conditions, the proposed purchase is anticipated to close during CrowdStrike’s fiscal fourth quarter.
Due to this acquisition, CrowdStrike is now positioned as a key supplier of security protection across complex hybrid cloud environments.
Identity-Based Attacks in the Cloud Target SaaS Applications
According to a recent CrowdStrike Global Threat Report, cloud exploitation threats increased 110% in 2023, while identity-based attacks are rising, most of the attacks gain access without malware.
In a July 2024 industry report, IDC estimated that SaaS is expected to account for over 40% of all public cloud spending in 2024, making it the largest category of cloud computing. CrowdStrike claims that it is challenging to stop identity-based threats because of the complexity of hybrid cloud environments and disjointed security tools that lead to protection gaps.
In today’s complex environments, SaaS applications come with different access controls, identity configurations, and purpose-built protection. The results in corporate security teams facing significant challenges in understanding who has access, what data could be exposed, and monitoring ongoing threats.
To effectively combat these challenges, CrowdStrike emphasizes the need for a unified security approach that can adapt to the dynamic nature of hybrid cloud environments. The integration of Adaptive Shield into its platform aims to address these gaps by providing comprehensive visibility and control over SaaS applications.
Noteworthy Deals Shaping the Cybersecurity Industry
Within the cloud and cybersecurity industry, companies are making strategic moves to improve their technologies and expand their capabilities. The acquisition of Adaptive Shield by CrowdStrike highlights this trend, as organizations seek comprehensive solutions to counter sophisticated threats.
This transaction is just one among several notable deals in the cybersecurity sector this year, highlighting the industry’s ongoing consolidation and the increasing importance of advanced security technologies.
Other notable cybersecurity deals in 2024, include:
- Venafi’s acquisition by CyberArk Software (NASDAQ: CYBR): Thoma Bravo agreed to sell the machine identity management company to CyberArk for $1.6 billion in cash and stock. Venafi is expected to add approximately $150 million in annual recurring revenue (ARR), valuing the acquisition at an Enterprise Value (EV) to Next-12-months (NTM) Revenue of 10.7x . The goal of this acquisition is to provide a single platform for machine identity security from beginning to end.
- Palo Alto Networks (NASDAQ: PANW) purchased IBM’s (NYSE: IBM) QRadar SaaS division for $500 million. QRadar SaaS’ revenue in 2023 was approximately $100 million, valuing the acquisition at EV to Revenue of 5.0x.
- Fortinet’s (NASDAQ: FTNT) acquisition of Lacework: To improve its Unified SASE (Secure Access Service Edge) offering, Fortinet purchased cloud security unicorn Lacework for $149.0 million.
- Sophos’ planned acquisition of Secureworks (Nasdaq: SCWX): Sophos announced its plan to acquire Secureworks for $870 million at an EV to NTM Revenue of 2.5x and an EV/NTM EBITDA of 28.4x.
- Rapid7’s (NASDAQ: RPD) acquisition of Noetic Cyber: Rapid7 purchased Noetic Cyber for $56.9 million to strengthen its skills in cyber asset attack surface management (CAASM).
These acquisitions demonstrate the continued industry consolidation, which is being fueled by the demand for new technologies to counteract growing cyber threats.
FIGURE 1: 1-Year Stock Chart
Notes: All numbers in USD unless otherwise stated. The author of this report, and employees, consultants, and family of eResearch may own stock positions in companies mentioned in this article and may have been paid by a company mentioned in the article or research report. eResearch offers no representations or warranties that any of the information contained in this article is accurate or complete. Articles on eresearch.com are provided for general informational purposes only and do not constitute financial, investment, tax, legal, or accounting advice nor does it constitute an offer or solicitation to buy or sell any securities referred to. Individual circumstances and current events are critical to sound investment planning; anyone wishing to act on this information should consult with a financial advisor. The article may contain “forward-looking statements” within the meaning of applicable securities legislation. Forward-looking statements are based on the opinions and assumptions of the Company’s management as of the date made. They are inherently susceptible to uncertainty and other factors that could cause actual events/results to differ materially from these forward-looking statements. Additional risks and uncertainties, including those that the Company does not know about now or that it currently deems immaterial, may also adversely affect the Company’s business or any investment therein. Any projections given are principally intended for use as objectives and are not intended, and should not be taken, as assurances that the projected results will be obtained by the Company. The assumptions used may not prove to be accurate and a potential decline in the Company’s financial condition or results of operations may negatively impact the value of its securities. Please read eResearch’s full disclaimer.
