Palo Alto Networks® (NASDAQ: PANW), the global cybersecurity leader, announced that it has signed a definitive agreement to acquire Cider Security (Cider), a pioneer in application security (AppSec) and software supply chain security. The proposed acquisition supports Palo Alto Networks Prisma® Cloud’s platform approach to securing the entire application security lifecycle from code to cloud. Combined with its recently announced Software Composition Analysis (SCA) capabilities, Prisma Cloud will now provide the industry’s most comprehensive supply chain security solution as part of its code-to-cloud security platform.
The diversity, velocity, and dynamic nature of today’s software engineering ecosystem have introduced a wide array of new security challenges and gaps, which have made the software supply chain one of the biggest emerging attack vectors for cyber attackers. The average CI/CD pipeline can have hundreds of developer tools connected to it, which poses an enormous security risk. While much attention has been put on where code comes from, very little has been placed on the applications and software used in the development pipeline.
“Any organization using public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet, they have limited visibility to their configuration or if they are secured,” says Lee Klarich, Chief Product Officer for Palo Alto Networks. “Cider has made it possible to connect into infrastructure, analyze the tools, and identify the risks, as well as how to remediate them. We are acquiring Cider for their innovation that will help enable Prisma Cloud to provide this capability that anyone doing cloud operations has to have.”
“We designed an AppSec platform that allows engineering to continue to move fast, without making compromises on security. It’s only fitting that we join Palo Alto Networks, a company built upon landmark cybersecurity ‘firsts’. There couldn’t be a better fit for Cider,” said Guy Flechter, CEO at Cider Security. “By scanning and securing the CI/CD pipeline, we can help identify where there may be vulnerabilities in your code. Prisma Cloud will now be the ultimate solution for code to cloud security.”
Under the terms of the agreement, Palo Alto Networks will acquire Cider Security for approximately $195 million in cash, excluding the value of replacement equity awards, subject to adjustment. The proposed acquisition is expected to close during Palo Alto Networks’ second quarter of fiscal 2023, subject to the satisfaction of customary closing conditions. The acquisition is not expected to have a material impact on the company’s financials.
Palo Alto Networks Prisma Cloud is the industry’s most complete cloud-native application protection platform, an early mover in the cloud security space, revolutionizing how organizations protect their multi-cloud environments with a platform approach rather than relying on multiple disparate cloud security products. A year ago, Prisma Cloud “shifted left” with the release of Cloud Code Security, which has been amongst Prisma Cloud’s fastest adopted modules. This was followed up with the September 2022 release of context-aware SCA. Cider furthers Prisma Cloud’s mission by unifying Cloud and Application Security with a unique approach that cannot be achieved by point solutions.
This press release contains forward-looking statements that involve risks, uncertainties, and assumptions, including, but not limited to, statements regarding the anticipated benefits and impact of the proposed acquisition to Palo Alto Networks and its customers and future financial and operating results, and the anticipated closing of the acquisition. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release, including, but not limited to: the effect of the announcement of the proposed transaction on the parties’ commercial and workforce relationships; the ability to be able to satisfy, and the satisfaction of, the conditions to the closing of the acquisition; the ability of the parties to consummate the proposed acquisition on a timely basis or at all; the ability of Palo Alto Networks to integrate Cider’s technology, operations and business; developments and changes in general market, political, economic, and business conditions; the duration and global impact of COVID-19; risks associated with managing our growth; risks associated with new products and subscription and support offerings, including the discovery of software bugs; shifts in priorities or delays in the development or release of new subscription offerings, or the failure to timely develop and achieve market acceptance of new products and subscriptions as well as existing products and subscription and support offerings; rapidly evolving technological developments in the market for security products and subscription and support offerings; our customers’ purchasing decisions and the length of sales cycles; our competition; our ability to attract and retain new customers; our ability as an organization to acquire and integrate other companies, products, or technologies in a successful manner; the effects of supply chain constraints and the global chip and component shortages and other factors affecting the manufacture, delivery, and cost of certain of our products; our debt repayment obligations; and our share repurchase program, which may not be fully consummated or enhance shareholder value, and any share repurchases which could affect the price of our common stock.
Additional risks and uncertainties that could affect our financial results are included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in our Quarterly Report on Form 10-K filed with the SEC on September 6, 2022, which is available on our website at investors.paloaltonetworks.com and on the SEC’s website at www.sec.gov. Additional information will also be set forth in other filings that we make with the SEC from time to time. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
About Palo Alto Networks
Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.
At Palo Alto Networks, we’re committed to bringing together the very best people in service of our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized among Newsweek’s Most Loved Workplaces (2022), Comparably Best Companies for Diversity (2021), and HRC Best Places for LGBTQ Equality (2022).
Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.