CrowdStrike's plan to enhance its identity protection and software-as-a-service (SaaS) security capabilities through its proposed acquisition of startup Adaptive Shield will help the cybersecurity vendor at a time when organizations are expanding their cloud footprints and using bad-identity actors to gain initial access to those environments.
CrowdStrike will integrate Adaptive Shield's SaaS security tools into Falcon's security offerings, a move that company executives said will enable them to provide organizations with a single platform for the security they need to protect against identity-based attacks across their multiple cloud environments.
It also means that vendor MSSP partners will be able to offer these capabilities to their customers, who can likely use as much help as they can get in managing an increasingly complex set of management and security challenges.
“Their clients’ IT and security teams are likely to have more time, headcount, and capacity to keep up with the growing ecosystem of SaaS applications as well as how hackers innovate,” Krista Case, research director and senior analyst at Futurum Group, told MSSP Alert. “I expect that adding SaaS security services such as IAM (Identity and Access Management) and Threat Posture Management… represents a significant value-add, especially for mid-sized organizations that use a large and growing number of SaaS applications.”
Financial details of the proposed acquisition were not revealed, although Israeli media expect the deal to be worth $300 million.
Crowded platform
CrowdStrike's Falcon platform provides a range of capabilities, from endpoint security, threat and intelligence tracking to exposure management, cloud security and data protection. The vendor also offers generative AI in the form of Charlotte AI for workflow automation, quick response times, and other benefits.
With the five-year-old Applied Shield, Falcon will cover all parts of SaaS and identity security in the modern cloud environment, ranging from on-premises Microsoft Active Directory to SaaS applications to cloud-based identity providers, according to . CrowdStrike President Michael Sintonas.
“As organizations rapidly grow their cloud footprints, the need for a robust defense that extends to hybrid cloud environments is greater than ever,” Sintonas wrote in a blog post. “Adversaries target this rapidly growing attack surface and often use identity-based attack techniques to do so. As SaaS adoption continues to grow, the introduction of new applications introduces complexity and increases the risk of misconfigurations across human and non-human accounts that create opportunities for cyberattacks.”
Accelerate SaaS adoption
He pointed to an IDC report that said SaaS will be the largest cloud computing category this year, accounting for more than 40% of public cloud spending, which will reach $805 billion this year and double by 2028, the analysis firm wrote. Centunas also pointed to CrowdStrike's 2024 Global Threat Report, which found that cloud intrusions rose 75% in the past year and that 75% of attacks that hackers used for initial access were devoid of malware and instead used stolen credentials.
The SaaS security posture management capabilities that CrowdStrike will inherit from Applied Shield will help organizations combat such threats.
Complex defense environment
“As the world transitions to SaaS, the number of applications used by an organization is increasing,” Case told Futurum. “This creates an extremely difficult landscape for IT and security teams to keep up with. At the same time, SaaS applications will continue to grow as targets for attackers, as they are relied upon for key business services.
Having greater visibility and control over the security posture of SaaS applications will improve their ability to detect and prevent attacks, she said, adding that “the identity component is important because hackers today are logging in, rather than hacking, via compromised user credentials.” Access across a sprawling SaaS application environment is critical.
Choose the right partner
Security is a high-level concern for organizations, and such complex environments present a security nightmare, Rob Enderle, principal analyst at The Enderle Group, told MSSP Alert. This is where MSSPs – separate from other partners – can get involved.
“For those partners who know how to sell securities — a unique skill much like selling insurance — (CrowdStrike’s growing capabilities) will be of great benefit,” Enderle said. “For those who have not been trained in how to sell this type of service, it will be a distraction, so care must be taken to ensure that the partner selling this service has the skill set to sell it.”
The acquisition of the Israeli startup is CrowdStrike's second this year, following its March purchase of cloud data runtime security company Flow Security, which provided a platform for protecting data both on the move and at rest.
It also comes about four months after a massive global IT outage for computers running the Microsoft Windows operating system due to a faulty software update by CrowdStrike that took down about 8.5 million systems, disrupting businesses, government agencies and personal lives.
