Palo Alto Networks Details Strategy Post Acquisition Spree

Palo Alto Networks plans to bring together several cybersecurity platforms into a unified platform it is calling Prisma in the wake of agreeing to acquire Twistlock, provider of a container security platform, and PureSec, provider of a platform for securing serverless computing frameworks.

Palo Alto Networks paid $410 million in cash for Twistlock. The company declined to reveal the exact amount it paid for PureSec.

Both offerings will join existing next-generation firewalls (NGFs) and cloud security technologies Palo Alto Networks gained through its RedLock acquisition and the security incident management and orchestration tools it gained by acquiring Demisto. The combined offering will be available under the Prisma common management plane that will be delivered initially via Google Cloud Platform (GCP).

During an investor call, Palo Alto Networks CEO Nikesh Arora said these offerings increasingly would be delivered via a software-as-a-service (SaaS) model that will be similar to the way RedLock cloud security software is delivered today. However, he noted, that transition will take time. The Twistlock container security platform is deployed as an on-premises solution, and Palo Alto Networks is still crafting the cloud management plane that would be required to manage on-premises instances of both its NGFs and Twistlock.

As the Prisma framework is rolled out, Arora said he also expects to see an accelerated shift toward adoption of best DevSecOps practices that will be fueled by the ability to manage cybersecurity for different platforms centrally as organizations embrace containers and serverless computing frameworks on public clouds alongside virtual machines running in public clouds and in on-premises IT environments. A core component of that effort is a data lake dubbed Cortex that Palo Alto Networks continues to invest in to advance the use of artificial intelligence (AI) cybersecurity environments.

Palo Alto Networks also revealed that revenue for its fiscal third quarter 2019 grew 28 percent year over year to $726.6 million, compared with total revenue of $567.7 million for the fiscal third quarter of 2018. GAAP net loss for the fiscal third quarter 2019 was $20.2 million, compared to a GAAP net loss of $40.4 million for the fiscal third quarter of 2018. Arora said those results indicate that the company’s overall strategy is starting to resonate with new and existing customers, especially in areas such as cloud security, where sales of RedLock are growing rapidly. The plan, Arora said, is to leverage RedLock also to drive increased adoption of Twistlock and PureSec. The company counts more than 9,000 enterprise customers as of this latest quarter.

Arora said Palo Alto Networks is focusing on smaller, more profitable deals that generate additional recurring revenue versus multi-year contracts with its existing base of large enterprise customers. As part of that effort, the company is also trying to spur the adoption of higher levels of automation to reduce the overall cost of cybersecurity. He noted that of the $140 billion spent annually on cybersecurity, more than $80 billion was spent on services to implement $60 billion worth of product sales.

IT organizations have made it clear to Palo Alto Networks and other providers of cybersecurity offerings that the days of throwing money at every cybersecurity problem are coming to an end. The expectation is that a smaller number of vendors should be able to reduce the number of point products that organizations are finding too expensive to acquire, deploy and maintain. The race now is to become the first vendor to rationalize a cybersecurity product portfolio in a way that makes the most sense for an end customer to consume economically.

Featured eBook
7 Reasons Why CISOs Should Care About DevSecOps

7 Reasons Why CISOs Should Care About DevSecOps

DevOps is no longer an experimental phenomenon or bleeding edge way of delivering software. It’s now accepted as a gold standard for delivering software. It’s time for CISOs to stop fearing DevOps and start recognizing that by embedding security into the process they’re setting themselves up for huge potential upsides. Download this eBook to learn ... Read More
Security Boulevard
Michael Vizard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 115 posts and counting.See all posts by mike-vizard