News
3/24/2014
10:16 AM
Connect Directly
RSS
E-Mail
50%
50%

Palo Alto Networks To Acquire Cyvera For Approximately $200 Million

Cyvera provides cyberdefense solutions that protect organizations from sophisticated, targeted cyberattacks

Santa Clara, Calif., March 24, 2014 – Palo Alto Networks® (NYSE: PANW), today announced a definitive agreement to acquire Cyvera, a privately held cybersecurity company located in Tel-Aviv, Israel. Under the terms of the agreement, Palo Alto Networks will acquire all of the outstanding capital stock of Cyvera for an aggregate purchase price of approximately $200 million. The acquisition is expected to close during the second half of fiscal 2014, subject to customary closing conditions and regulatory reviews.

Named a cool vendor in security by Gartner in 2013 ("Cool Vendors in Security: Infrastructure Protection 2013")*, Cyvera, which has 55 employees, has developed a highly innovative offering that protects enterprises from cyber threats by using a unique approach to block unknown, zero-day attacks on the endpoint.

The addition of this unique capability to the Palo Alto Networks enterprise security platform will extend customers' ability to safely enable applications and protect users against known and unknown cyber threats on any device, across any network.

QUOTES:

· "This event marks a key milestone in our strategic enterprise security vision. It extends our next-generation security platform with a very innovative approach to preventing attacks on the endpoint. It enables us to accelerate the delivery of the market's only highly integrated and automated enterprise security platform spanning network, endpoints, and the cloud. For customers, this translates into the most sophisticated and automated threat prevention for their entire organization."

- Mark McLaughlin, President and CEO of Palo Alto Networks

· "Much like Palo Alto Networks set out to disrupt the network security market with its next-generation security platform, we founded Cyvera to revolutionize protection for the endpoint – one of the most vulnerable frontiers for cyber attacks. We are pleased to join the Palo Alto Networks team and together help enterprise customers tackle the advanced threats they face today."

- Uri Alter and Netanel Davidi, co-founders and co-CEO's of Cyvera

Cyvera Prevents Attacks at the Right Time and Place

Zero-day cyber attacks represent one of the greatest threats to enterprises, governments, and service provider organizations that rely on a vast array of systems, applications, and devices to run their business. These cyber attacks often exploit a vulnerability known only to the attacker. While there are literally tens of thousands of vulnerabilities an attacker can potentially target, there is a significantly smaller number of exploit techniques they may use to exploit that vulnerability.

While patching software can provide an element of protection, it does little to protect organizations against vulnerabilities that have not yet been discovered by the software manufacturer. Simply detecting the presence of malware is also insufficient since malicious activity may have already been initiated and evasion tactics employed to evade detection. In order to stop zero-day attacks in their tracks, it's critical to understand the exploit techniques attackers employ. Cyvera has developed a unique method of performing this real-time prevention against all core attack techniques at the endpoint during the exploitation phase, before the malware has a chance to run.

Advanced Threats Demand Highly Integrated, Automated, and Scalable Platform Approach

Today's sophisticated attacks increasingly rely on a combination of tactics and threat vectors to penetrate an organization and require a new approach to security. Most organizations still rely on legacy point technologies that address only specific types of attacks, phases of an attack, certain devices, or certain network segments. Because of the singular nature of these technologies, they are ill-equipped to detect and prevent today's advanced cyber attacks.

To address these challenges, Palo Alto Networks developed a new approach: one that begins with positive security controls to reduce the attack surface; blocks all known threats; rapidly detects unknown threats through analysis and correlation of abnormal behavior; then automatically employs advanced exploit prevention mechanisms and policies back to the front line to ensure previously unknown threats are known to all and blocked. This approach is designed to prevent threats from penetrating an organization and greatly reduce the need for costly human remediation.

Adding the unique Cyvera capabilities extends the Palo Alto Networks enterprise security platform to perform next-generation security functions across the network, endpoint, and the cloud.

To learn more about the Palo Alto Networks security platform:

· Visit our website

· Register for the Palo Alto Networks Ignite user conference, March 31 – April 2

Investor conference call information

Palo Alto Networks will host a conference call for analysts and investors to discuss details of acquisition at 8:00 a.m. Eastern time / 5:00 a.m. Pacific time. Open to the public, investors may access the call by dialing (877) 474-9503 or (857) 244-7556 and entering the passcode 82968997. A live audio webcast of the conference call along with supplemental financial information will also be accessible from the "Investors" section of the company's website at investors.paloaltonetworks.com. Following the webcast, an archived version will be available on the website for one year. A telephonic replay of the call will be available two hours after the call and will run for five business days and may be accessed by dialing (888) 286-8010 or (617) 801-6888 and entering passcode 32682574.

ABOUT PALO ALTO NETWORKS

Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Unlike fragmented legacy products, our security platform safely enables business operations and delivers protection based on what matters most in today's dynamic computing environments: applications, users, and content. Find out more at www.paloaltonetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5485
Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

CVE-2012-5486
Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

CVE-2012-5487
Published: 2014-09-30
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.

CVE-2012-5488
Published: 2014-09-30
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.

CVE-2012-5489
Published: 2014-09-30
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.