CrowdStrike’s plan to bolster its identity protection and software-as-a-service (SaaS) security capabilities through its proposed acquisition of startup Adaptive Shield will help the cybersecurity vendor at a time when organizations are expanding their cloud footprints and bad actors are using identity to get initial access into those environments.
CrowdStrike will fold Adaptive Shield’s SaaS security tools into its Falcon security offering, a move company executives said will enable them to offer enterprises a single platform for the protections they need to guard against identity-based attacks across their multi-cloud landscapes.
It also means the vendor’s MSSP partners will be able to offer these capabilities to their customers, who likely can use as much help as they can get in managing an increasingly complex set of management and security challenges.
“Their clients' IT and security teams are likely even more strapped for time, headcount resources, and the ability to keep pace with the growing ecosystem of SaaS applications as well as how hackers are innovating,” Krista Case, research director and senior analyst with The Futurum Group, told MSSP Alert. “I would expect that adding in SaaS security services like IAM [identity and access management] and threat posture management … is an important value-add, especially for mid-sized enterprises that are using a large and growing number of SaaS applications.”
Financial details of the proposed acquisition were not released, although Israeli news outlets are speculating the deal will be worth $300 million.
A Crowded Platform
CrowdStrike’s Falcon platform offers a range of capabilities, from endpoint security and threat and intelligence hunting to exposure management, cloud security, and data protection. The vendor also offers generative AI in the form of Charlotte AI for workflow automation, accelerated response times, and other advantages.
With the five-year-old Applied Shield in the fold, Falcon will cover all parts of SaaS and identity security in the modern cloud environment, which ranges from on-premises Microsoft Active Directory to SaaS applications to cloud-based identity providers, according to CrowdStrike President Michael Sentonas.
“With organizations quickly growing their cloud footprints, the need for robust defense spanning hybrid cloud environments has never been greater,” Sentonas wrote in a blog post. “Adversaries are taking aim at this rapidly growing attack surface and often using identity-based attack techniques to do it. As SaaS adoption continues to grow, the introduction of new applications drives complexity and heightens the risk of misconfigurations across human and non-human accounts that create openings for cyberattacks.”
SaaS Adoption Accelerating
He pointed to an IDC report that said that SaaS will be the largest cloud computing category this year, accounting for more than 40% of public cloud spending, which will hit $805 billion this year and double by 2028, the analyst firm wrote. Sentonas also pointed to CrowdStrike’s own 2024 Global Threat Report, which found that cloud intrusions were up 75% last year and that 75% of attacks hackers used to gain initial access were malware-free and instead used stolen credentials.
The SaaS security posture management capabilities CrowdStrike will inherit from Applied Shield will help organizations with such threats.
A Complex Environment to Defend
“As the world is shifting to SaaS, the number of applications in use by any given enterprise is booming,” Futurum’s Case said. “This creates a very difficult landscape for IT and security teams to keep pace with. At the same time, SaaS applications will only continue to grow as targets for attackers, as they are relied on for key business services.”
Having greater visibility into and control of the security posture of SaaS applications will improve their ability to detect and prevent attacks, she said, adding that “the identity component is important because hackers today are logging in versus hacking in, via compromised user credentials. Controlling the identity verification and access policies across this sprawling SaaS application environment is critical.”
Pick the Right Partner
Security is a top-level concern for organizations and such complex environments are a security nightmare, Rob Enderle, principal analyst with The Enderle Group, told MSSP Alert. That’s where MSSPs – separate from other partners – can weigh in.
“For those partners who know how to sell security – which is a unique skill very similar to selling insurance – [CrowdStrike’s growing capabilities] would be a huge benefit,” Enderle said. “For those that aren’t trained on how to sell this type of service, it would be a distraction, so care needs to be taken to assure the partner selling this service has the skill set to sell it.”
The acquisition of the Israeli startup is CrowdStrike’s second this year, following its purchase in March of cloud data runtime security vendor Flow Security, which offered a platform for protecting data both at motion and at rest.
It also comes about four months after a massive global IT outage of Microsoft Windows computers caused by a faulty software update by CrowdStrike that saw about 8.5 million systems crash that disrupted businesses, government agencies, and personal lives.
