Actu
Zscaler, Inc. announced the intent to acquire Canonic Security
February 2023 by Marc Jacob
Zscaler, Inc. announced the intent to acquire Canonic Security, a SaaS application security platform innovator. Canonic’s platform is designed to prevent organizations’ growing risks of SaaS supply chain attacks. With the massive migration to the cloud, as organizations are adopting hundreds of SaaS platforms, their users are connecting thousands of third-party applications and browser extensions to their critical SaaS platforms like Atlassian Suite, Microsoft 365, Salesforce, Google Workspace, and Slack without IT’s permission. Corporate IT believes its critical data assets are stored and protected in enterprise-ready SaaS platforms. In reality, these assets are held in third-party drives, email clients, and chatbots, bringing data exposure and cyber risk to their SaaS supply chain. Canonic’s solution allows cybersecurity and IT teams to quickly gain visibility to this ungoverned surface area and streamline SaaS application governance and enforcement.
By integrating the new supply chain security capabilities into its data protection services, Zscaler strengthens its CASB (Cloud Access Security Broker) and SSPM (SaaS Security Posture Management) offerings enabling companies to consolidate point products reducing cost and simplifying management. This new capability builds upon the company’s recently announced industry-first, zero configuration data protection solution, and Zscaler’s commitment to data protection wherever the data resides.
According to research firm, Gartner®, “SaaS remains the largest public cloud services market segment, forecasted to reach $176.6 billion in end-user spending in 2022. Gartner expects steady velocity within this segment as enterprises take multiple routes to market with SaaS.” This large-scale move to the cloud has made it difficult for enterprise security operations teams to take control over their growing SaaS app estate and address exposure of their critical cloud data due to the SaaS supply chain – creating a greater attack surface for data breaches. These pain points are amplified due to the current IT skills gaps in the rapidly evolving cloud security space, resulting in an inability for IT to effectively manage the unwieldy set of settings and permissions for which they are responsible.
The addition of Canonic’s advanced SaaS security to Zscaler’s existing data protection will enable:
• Monitor SaaS Security Posture: Automate continuous monitoring of potentially fatal misconfigurations and compliance violations in SaaS platforms such as Atlassian Suite, Google Workspace, Microsoft 365, Salesforce and Slack.
• Discover and Assess Third-Party Apps and Extensions: Gain full visibility over first, second and third-party apps and API integrations across the enterprise business application estate. Uncover rogue and vulnerable apps, assess each integration posture, behavior and the risk involved with its API access and browser extensions.
• Reduce Attack Surface: Quarantine suspicious apps, reduce excessive and inappropriate privileges, revoke and block access if necessary.
• Enforce Access Governance: Enable app integrations by automating app-vetting and app access recertification processes.
The transaction is expected to close following the completion of Zscaler’s fiscal second quarter subject to the satisfaction of customary closing conditions. Terms of the transaction were not disclosed.
