Businesses Go on Pre-Holiday Cloud Acquisition Spree

VMware, McAfee, and Trend Micro announce a series of acquisitions that indicate a strong focus on cloud security.

Kelly Sheridan, Former Senior Editor, Dark Reading

December 21, 2017

3 Min Read
Dark Reading logo in a gray background | Dark Reading

Tech companies closed 2017 with cloud-focused acquisitions that demonstrate an industry-wide trend that refuses to slow down. VMware, McAfee, and Trend Micro all have announced plans to buy cloud businesses within the past month.

Earlier this month, VMware finalized its purchase of VeloCloud Networks. It plans to add VeloCloud's software-defined wide area network (SD-WAN) tool to its lineup so it can help users run, manage, connect, and secure applications in the cloud, Jeff Jennings, senior vice president and general manager of VMware's networking and security business, wrote in a blog post.

The SD-WAN tool will boost performance and availability for enterprise and cloud applications with "full visibility, metrics, control and automation of all endpoints," he added.

McAfee Buys Skyhigh
Less than eight months after its spinoff from Intel, McAfee purchased cloud access security broker (CASB) provider Skyhigh Networks. In a post on the news, McAfee CEO Christopher Young called it "an ideal complement" to McAfee's strategy going forward.

"Cloud security has historically been an afterthought of, or impediment to, cloud adoption," he pointed out. Indeed, this year has proven time and again the dangers of rushing to cloud without putting the right safeguards in place, as demonstrated by a series of AWS data leaks affecting major organizations including TigerSwan, Dow Jones, and, most recently, Alteryx.

Skyhigh will "accelerate" McAfee's strategy, says Raja Patel, vice president and general manager of corporate products at McAfee. He calls endpoint and cloud "architectural control points" that address threats targeting data, applications, and infrastructure.

Security operations teams need automation and orchestration to address a higher number of threats with fewer resources, Patel continues. The CASB space is maturing: by 2020, 85% of large businesses will use a CASB product, he says, citing data from Gartner.

This acquisition is "fortifying the cloud control point," he explains. The ultimate goal for McAfee is to strengthen endpoint and cloud security, and it believes Skyhigh will drive this forward. "More and more of us are transient in and out of environments with our devices, and more and more of the services we access are outside the enterprise in the cloud," Patel says.

The Skyhigh brand name will remain in the market following the transaction. McAfee will "consider opportunities" to endorse it, Patel says, given its strong reputation for cloud security.

Trend Micro Acquires Immunio
Around the same time McAfee bought Skyhigh, Trend Micro snapped up Immunio. The goal is to expand its hybrid cloud security tool with a combination of purchased capabilities and in-house development, the company explained. Trend Micro will acquire Immunio's application security technology and talent.

"As organizations move to the cloud and adopt a more modern approach to applications delivery — generally falling under the 'DevOps' term — traditional approaches to security, such as bolting it on at the end of development or trying to form a strong perimeter, just don't work," says Mark Nunnikhoven, vice president of cloud research for Trend Micro.

Immunio integrates with application code to analyze its behavior and protect against threats in a way other approaches don't, he adds. Trend Micro's goal is to build a platform that can integrate with DevOps culture. It's focusing on automation for customer applications, building its Deep Security platform, and ramping up internal R&D to focus on container image scanning.

The acquisition will bring Immunio's early detection, protection against app vulnerabilities, and container image scanning into these projects.

"You can protect all stages of application delivery, from the time the code is written all the way through to production," says Nunnikhoven. "To do that, you have to apply the right security technique at the right time in the application lifecycle."

Related Content:

About the Author

Kelly Sheridan

Former Senior Editor, Dark Reading

Kelly Sheridan was formerly a Staff Editor at Dark Reading, where she focused on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights