Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable's Plan to Acquire Ermetic Will Accelerate Customer Value in CNAPP and Exposure Management

Tenable announces intent to acquire cloud security innovator Ermetic

The acquisition of cloud security innovator Ermetic, once completed, will add unified, elegantly integrated CNAPP and market-leading CIEM capabilities to the Tenable portfolio.

Today, Tenable announced our intent to acquire Ermetic, an innovator in the cloud security market with deep expertise and capabilities in the complex discipline of securing cloud identities and entitlements. Ermetic has developed an end-to-end cloud-native application protection platform (CNAPP) and is a thought leader in cloud infrastructure entitlement management (CIEM).

This acquisition will dramatically impact our customers’ ability to protect their digital estates and prioritize their teams’ efforts based on real risk to the business. Why? Because Ermetic and Tenable together can help organizations address three of the most difficult challenges in cybersecurity today:

  1. Maintaining security despite the scale and pace of change the cloud presents
  2. Managing the risk caused by an explosion in volume of user and machine identities
  3. Understanding the cybersecurity impact of the complex relationships that define the modern attack surface

First, the scale and pace of change presented by the cloud cannot be overstated. More than just infrastructure, cloud changes the way applications are built, delivered and accessed. This sea change has driven a fundamental shift in security practices and tooling, but few organizations have been able to keep up. According to the Cloud Security Alliance (CSA) Cloud Native Application Protection Platform Survey Report, fewer than 30% of organizations have integrated commonly deployed security tools like cloud security posture management (CSPM), cloud workload protection (CWP) and CIEM across multiple cloud environments.

What impressed us about Ermetic is the elegantly integrated multi-cloud CNAPP product the company has built, with an intuitive user experience made for the cloud-native world. These capabilities accelerate the cloud security investments we’ve already made — agent-based and agentless assessment features, CSPM and container security, infrastructure as code (IaC) security — through engineering efforts and acquisition. Ermetic accelerates our ability to meet the next generation of security challenges our customers face.

Second, cloud adoption has multiplied user identities, machine identities, and the risks they present. In particular, machine identities — now estimated by industry analysts to be 10x as numerous as human identities — present many new attack paths for threat actors to exploit. Ermetic puts a lot of focus on the unique challenges presented by identities and entitlements in the cloud, helping define today’s CIEM practice.

Tenable and Ermetic have a shared view that identity security is more important than ever before. It is necessary to prevent adversaries from elevating entitlements and gaining access to an organization’s most valuable assets. And applying identity context is critical to understanding true risk to the business and prioritizing preventive actions accordingly.

And that brings me to my third point, and what excites me most about today’s announcement. For several years, Tenable has been broadening our preventive security capabilities to help our customers gain a more complete, accurate and actionable view of their attack surface. Late last year we delivered Tenable One, the Exposure Management Platform, and have seen enthusiastic adoption from organizations of all sizes. Exposure management shifts preventive security from securing technology silos to applying contextual risk intelligence to protect the business. Ermetic accelerates this shift for Tenable customers, adding a depth of expertise and capabilities that provide context to prioritize risk and simplify remediation. Ermetic adds analytical muscle, more contextual relationships and more data to make Tenable One an even more effective platform for preventive security.

We are very excited for Ermetic’s team of experts to join our mission here at Tenable, and I’m excited to share more details once we complete the acquisition in the coming weeks. We hope you share our excitement and are looking forward to the value Tenable and Ermetic will deliver in the near future.

Learn more

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.