Google LLC today said that it has acquired venture-backed cybersecurity startup Siemplify, officially CyArx Technologies Ltd, to enhance its breach prevention capabilities.

The search giant didn’t specify the deal’s financial terms in its announcement. But CTech reported that the transaction is estimated to be worth $500 million, which represents a major win for Siemplify’s investors. The startup raised $58 million in funding prior to the acquisition, according to Crunchbase data.

Siemplify, which maintains offices in New York, Israel and London, provides a SOAR platform of the same name. SOAR is short for security orchestration, automation and response. It’s a term used to describe cybersecurity products with features that help companies investigate hacking attempts, as well as take steps to block them.

The company says its platform enables cybersecurity professionals to track, investigate and remediate threats in a single, centralized interface. Users can create software workflows called playbooks in the platform to automate manual aspects of their work. A cybersecurity expert can, for example, create a workflow that automatically opens suspicious files in a sandbox to determine if they indeed contain malware.

Siemplify counts many large companies among its clients. The startup’s customer base includes FedEx Corp., Mondelez International Inc. and other major brands.

One of the factors behind Siemplify’s market traction is that it provides features for not only running a company’s breach remediation workflow but also finding ways of making it more efficient. According to the startup, its platform generates dashboards that highlight opportunities to improve how an enterprise tackles breach attempts. Companies can use the dashboards for, among other tasks, finding manual cybersecurity tasks that could be automated with playbooks.

Google plans to integrate the technology with the product portfolio of its Chronicle cybersecurity unit. Chronicle’s flagship offering is a cloud platform for investigating network breaches. The platform can store data on cybersecurity incidents for years, which allows cybersecurity teams to retain valuable historical information about hacking attempts.  

Chronicle’s product portfolio includes two additional offerings. The Google unit’s VirusTotal service helps companies analyze files for malware. Additionally, Chronicle provides cybersecurity threat intelligence that companies can use to enhance their network defenses.

“Providing a proven SOAR capability unified with Chronicle’s innovative approach to security analytics is an important step forward in our vision,” stated Sunil Potti, vice president and general manager of Google Cloud Security. “Building an intuitive, efficient security operations workflow around planet-scale security telemetry will further realize Google Cloud’s vision of a modern threat management stack.”

The acquisition of Siemplify will enable Google to establish a bigger presence in the fast-growing cybersecurity automation market. According to Forrester Research Inc., 93% of cybersecurity operations teams plan to add more automation to their incident response workflows in the coming years. Siemplify’s platform, with its ability to reduce manual work using playbooks, can help Google address the market opportunity.

Google is gaining a broad set of automation features through the deal. In addition to the ability to create automation playbooks, Siemplify offers a simulator for testing playbooks’ reliability before they’re deployed. An analytics tool helps administrators track automation workflows after they’re deployed to find areas for improvement. 

The technology that Google obtains through the acquisition could also boost its public cloud in the long term. Cybersecurity is a major priority for companies when choosing which cloud platform to use. As a result, adding new features to make fending off hacking attempts easier helps Google improve its value proposition.

Google significantly expanded its cybersecurity capabilities in 2021. Google introduced features to help companies protect sensitive business data and more easily find software vulnerabilities in their cloud environments. In October, the company announced the formation of the Google Cybersecurity Action Team, an advisory practice focused on helping customers improve their network defenses. 

Image: Google