Evident.io Buy Gives Palo Alto a Cloud Strategy

On March 14, Palo Alto Networks (PANW) announced it is acquiring Evident.io for $300 million cash. That is a really nice outcome for Evident.io co-founders Tim Prendergast and Justin Lundy. Congrats to both of them, as well as the rest of the Evident team.

Also, congrats to Palo Alto for acquiring a cloud strategy.

I say that a little tongue-in-cheek, but just a little. I remember like 10 years ago when cloud was first bursting on the security scene. Every interview, every VC wanted to know, “What is your cloud strategy?” For a long time I looked at many of the firewall vendors, next-gen and not, and wondered what their cloud strategy was. Yes, there were virtual firewalls they could put in front of their cloud apps, but weren’t those really web application firewalls (WAFs)?

There were some cloud-native firewall players, such as Dome9. Even they have evolved over the years beyond cloud firewall. Bigger picture, what really would the firewall players do? Checkpoint? Juniper? The rest? They have all tried to fit their square firewalls into round cloud holes. But at the end of the day, the entire network security stack has had to grapple with the question: What is their cloud story?

Evident.io, on the other hand, was a true cloud-native play. Tim and Justin took the lessons they learned at Adobe and elsewhere to develop what I always thought was one of the best cloud security solutions in the market. Yes, they were probably a little early at first, and, like many startups, went through a period of right-sizing to get the right people, but over the last 18 months or so, Evident.io seems to have hit its stride.

I am sure part of this deal is that Tim and Justin have to stay on for a while to help Palo Alto. I don’t know, but I imagine Tim will become EVP or SVP of cloud solutions or something like that. Good for both of these guys—they worked long and hard. I remember them fighting through raising money when things were getting tight and it wasn’t easy.

I imagine Palo Alto will build on the Evident product line and combine it with existing Palo Alto security to offer hybrid and “360-degree” security solutions. While $300 million cash may seem rich in terms of a multiple, in giving Palo Alto a viable cloud strategy, it’s a bargain.

The question now is, What about the rest of the firewall vendors? Yeah, they can keep selling cloud virtual firewalls, but that is really commodity. What is their real cloud strategy? For many of these who are also cash cows, the usual security R&D method, M&A is the best option. I think this could set off a bit of a buying spree for firewall and firewall management companies (look at Firemon, Tuffin, AlgoSec, Skybox) to acquire native-cloud security solutions. Rumors are already out that FireEye could be bought by Cisco.

In the meantime, someone once told me that startups are a little like owning a boat. The two best days are the day you buy (or start) it and the day you sell it. So congrats to the Evident team, and to the Palo Alto team on their new cloud strategy.

Featured eBook
The Main Application Security Technologies to Adopt by 2018

The Main Application Security Technologies to Adopt by 2018

As hacker attacks on the application layer evolve, the need for application security that provides continuous coverage and real-time protection and remediation becomes a top priority. The tools and practices that used to provide security to organizations no longer provide a complete solution in today’s developer ecosystem. Security practices need to change, being implemented and ... Read More
WhiteSource
Alan Shimel

Alan Shimel

Throughout his career spanning over 25 years in the IT industry, Alan Shimel has been at the forefront of leading technology change. From hosting and infrastructure, to security and now DevOps, Shimel is an industry leader whose opinions and views are widely sought after.

Alan’s entrepreneurial ventures have seen him found or co-found several technology related companies including TriStar Web, StillSecure, The CISO Group, MediaOps, Inc., DevOps.com and the DevOps Institute. He has also helped several companies grow from startup to public entities and beyond. He has held a variety of executive roles around Business and Corporate Development, Sales, Marketing, Product and Strategy.

Alan is also the founder of the Security Bloggers Network, the Security Bloggers Meetups and awards which run at various Security conferences and Security Boulevard.

Most recently Shimel saw the impact that DevOps and related technologies were going to have on the Software Development Lifecycle and the entire IT stack. He founded DevOps.com and then the DevOps Institute. DevOps.com is the leading destination for all things DevOps, as well as the producers of multiple DevOps events called DevOps Connect. DevOps Connect produces DevSecOps and Rugged DevOps tracks and events at leading security conferences such as RSA Conference, InfoSec Europe and InfoSec World. The DevOps Institute is the leading provider of DevOps education, training and certification.

Alan has a BA in Government and Politics from St Johns University, a JD from New York Law School and a lifetime of business experience. His legal education, long experience in the field, and New York street smarts combine to form a unique personality that is always in demand to appear at conferences and events.

alan has 16 posts and counting.See all posts by alan