FireEye has announced the acquisition of cloud security posture management (CSPM) startup Cloudvisory. The deal closed January 17; terms were not revealed. It is the latest in a long series of acquisitions by prominent enterprise cybersecurity vendors aiming to help customers address asset discovery, breach prevention, and policy-based compliance across multicloud IT environments.
Analyzing the future of FireEye's product portfolio requires understanding just one thing: Helix.
The vendor has undertaken a multiyear effort to transform Helix – at its core a legacy SIEM – into a multifaceted cloud-based security platform. FireEye has already added several capabilities to Helix:
orchestration, via its 2016 acquisition of Invotas
threat intelligence, via the 2016 acquisition of iSight Partners
instrumentation, per last year's acquisition of Verodin.
But to succeed as the multifaceted cloud-based cybersecurity and risk management hub that FireEye envisions, Helix needed more robust capabilities to support increasingly critical cybersecurity and compliance processes involving cloud workloads and containers.
That's where Cloudvisory comes in. The Dallas, Texas, based startup, founded in 2013 and employing several dozen people, specializes in providing cloud asset visibility, compliance, and policy governance across public and private cloud environments. In a time when hybrid IT environments often encompass one or more of the three major public cloud platforms – Amazon Web Services, Microsoft Azure, and Google Cloud Platform – as well as public and private cloud deployments on VMware and OpenStack, FireEye is betting that it can combine Cloudvisory's capabilities with Helix to consistently discover and apply policy-based controls to a wide variety of IT assets across hybrid cloud environments.
Specifically, the Cloudvisory Security Platform's key capabilities include
discovery, visualization, and audit of multicloud infrastructure assets to identify security threats and business risk
compliance assurance employing policy guardrails that serve to identify, alert on, and report specific configuration issues in multicloud environments
governance automation that applies policy-based remediation to compromises related to various workloads, cloud applications and microservices, non-compliance issues, policy violations, and other threats.
The solution also offers platform-specific compliance reports, offering line-item detail, that score the organization against a checklist of compliance controls and identify specific non-compliance issues.
While this is a needed capability for FireEye, competitors have already made similar acquisitions in the realm of CSPM. The most notable recent CSPM acquisitions include
Trend Micro's 2019 acquisition of Cloud Conformity
McAfee's 2019 purchase of NanoSec
Palo Alto Networks' 2018 acquisitions of Evident and RedLock
Check Point's 2018 acquisition of Dome9.
The extent to which FireEye gains a full-fledged cloud workload security solution is unclear, as is the extent to which Cloudvisory can address security for containers.
While the deal helps nudge FireEye in the right direction strategically, the vendor has work to do in convincing the marketplace that its cloud and container security capabilities and vision can match those of its rivals, and that Helix is the best mechanism through which to consume those capabilities.