CrowdStrike Holdings Inc. today announced plans to acquire Adaptive Shield Ltd., a startup that helps companies protect the data they keep in cloud applications.

The deal’s financial terms were not disclosed. CTech reported that the transaction is worth $300 million, more than six times the amount that Adaptive Shield has raised from investors. The company counts Blackstone and Insight Partners among its backers.

CrowdStrike is one of the world’s largest cybersecurity providers with an installed base of more than 30,000 organizations. Its software helps protect cloud environments, employee devices and other assets from cyberattacks. CrowdStrike’s customers spent $963.9 million on its products last quarter, 32% more than the same time a year earlier.

Tel Aviv-based Adaptive Shield, in turn, provides a cybersecurity platform for protecting software-as-a-service applications. The software scans such applications for vulnerabilities, misconfigured accounts and malicious activity. Adaptive Shield also generates suggestions on how administrators can fix the issues it finds.

Workers often log into cloud applications using their Google Workspace and Microsoft 365 accounts. During the sign-up process, an application can gain access to the files associated with a worker’s account, which sometimes creates cybersecurity risks. Adaptive Shield says its platform automates the task of uncovering such risks to save time for administrators.

The platform can also find a range of other cybersecurity issues. It detects when a company doesn’t enable an application’s malware detection features or uses weak passwords. Adaptive Shield spots more subtle issues as well, such as employee accounts that have access to more data than is strictly necessary.

A breach detection engine built into the platform monitors for attempts by hackers to access a company’s cloud applications. After spotting malicious activity, Adaptive Shield generates a summary of the breach tactics that the hackers used. It identifies breach tactics based on information in MITRE ATT&CK, a database of hacking methods that cybersecurity professionals use as a reference during threat investigations. 

To help customers fix the most urgent issues first, Adaptive Shield ranks the cybersecurity risks it finds by severity. It generates remediation suggestions to guidance administrators through the breach response process. 

In addition to cloud applications, Adaptive Shield’s risk detection engine analyzes the devices with which a company’s employee access those applications. The software detects when a worker attempts to log into a service from an insecure computer or handset. It can check whether a device is managed by the information technology team, as well as determine if it may be running software with known vulnerabilities.

“As SaaS and AI adoption grows, every new application brings additional complexity and the risk of misconfigurations across human and non-human accounts that create openings for sophisticated attacks,” said CrowdStrike Chief Executive Officer George Kurtz.

Adaptive Shield relies on CrowdStrike’s flagship Falcon cybersecurity platform to power some of its device security features. In particular, it uses the software to determine which employee uses what endpoint and find vulnerable systems. This existing integration should make it easier for CrowdStrike to integrate Adaptive Shield into its product portfolio.

The companies expect to close the acquisition by February.

Photo: CrowdStrike