Okta Inc. today announced that it will acquire Spera Cybersecurity Inc., a startup helping enterprises secure employee accounts across services such as Salesforce and GitHub.

CTech reported that the deal will be worth between $100 million and $130 million depending on whether certain performance milestones are met. According to Okta, the acquisition is on track to close by Feb. 1. The company doesn’t expect the deal to affect its financial guidance once it goes through.

Nasdaq-listed Okta provides software that organizations use to process the login requests sent to their applications. Over the past few months, it has worked to expand its presence in a related market Gartner Inc. refers to as the ITDR, or identity threat detection and response, segment. The research firm expects that enterprise adoption of such software will expand from 5% to 20% today to 90% by 2026, which means the segment could become a new source of revenue growth for Okta. 

Tel Aviv-based Spera provides an ITDR platform of the same name. Its software can map out all the user accounts across a company’s on-premises and software-as-a-service applications, as well as public cloud platforms such as Amazon Web Service. Spera then flags accounts with insecure settings that should be removed to reduce the risk of cyberattacks.

Employees are sometimes given access to more applications than they strictly require for their work. If their accounts were to be breached by hackers, the accounts would pose a bigger risk than if they had access to a more limited number of workloads. Spera says its platform not only identifies insecure accounts but also prioritizes them based on the amount of risk they pose to streamline administrators’ troubleshooting efforts.

Insecure user permissions often emerge when workers leave a company. In some cases, administrators only partly disable departing workers’ accounts and leave them with access to some applications. Such insecure, often overlooked accounts can potentially be used by hackers to gain network access.

Spera says its platform spots a wide range of configuration settings. It can detect important user accounts that don’t have multifactor authentication enabled. Spera also finds accounts without SSO, or single sign-on, a feature that improves cybersecurity by enabling workers to log into multiple work applications with a single set of credentials.

Spera will complement a number of similar capabilities Okta recently added to its product suite. Last month, it launched Okta Privileged Access, a service designed to help enterprises secure administrative accounts with the ability to modify mission-critical systems. Earlier, the software maker debuted an artificial intelligence tool that automatically detects and blocks malicious account activity. 

Image: Spera Security