Rapid7 has become the latest big-name security vendor to invest in new cloud security posture management (CSPM) capabilities, with the acquisition of DivvyCloud today.
The security analytics and automation vendor will pay $145m in cash and stock for the Arlington, Virginia-based CSPM specialist, with the acquisition expected to close in the second quarter of the year.
DivvyCloud supports all three major public cloud platforms plus Alibaba Cloud and Kubernetes, offering customers enhanced visibility and automated remediation capabilities to improve the security and compliance of such environments.
Rapid7 believes the addition of this technology will slot neatly into its Insight line-up, which already covers SIEM-based incident detection and response, vulnerability management, application security and security automation and orchestration.
“Security teams are constantly challenged with understanding and effectively managing the risk and security for cloud environments at DevOps speeds,” said the firm’s chief innovation officer, Lee Weiner.
“DivvyCloud’s technology, team and market leadership in the cloud security space will enable Rapid7 to better serve its customers’ needs by helping them innovate more securely, and provide a robust set of compliance and remediation paths for those with modern cloud infrastructure.”
As cloud complexity grows and in-house teams struggle with skills gaps, CSPM has become increasingly popular over recent years as a best practice way to fix the configuration errors that blight cloud deployments.
Last October, Trend Micro bought Australian startup Cloud Conformity in a $70m deal to build out its own capabilities in this area.
According to Gartner, by 2023, 99% of cloud security failures will be the customer’s fault, and “through 2024, organizations implementing a CSPM offering and extending this into development will reduce cloud-related security incidents due to misconfiguration by 80%.”