CyberArk has announced the acquisition of Conjur, a provider of DevOps security software.
In a deal worth $42m in cash, CyberArk said that this will help it deliver an enterprise-class, automated privileged account security and secrets management solution to secure the DevOps lifecycle and cloud-native environments.
The addition of Conjur will help allow users to accelerate modern software deployment with the addition of Conjur’s DevOps security software platform which automates machine identity provisioning, authorization of privileged access, service account control and machine-to-machine connectivity.
Udi Mokady, Chairman and CEO, CyberArk, said: “CyberArk’s acquisition of Conjur further strengthens our market leadership position – providing the industry’s only enterprise-class solution for privileged account security and secrets management on premises, in the cloud and across the DevOps pipeline. Now with Conjur, CyberArk customers can truly embrace DevOps without compromising on security.”
Elizabeth Lawler, CEO and co-founder, Conjur, added: “Conjur’s innovative DevOps security solution is gaining momentum with developers, security and operations teams in modern enterprise IT organizations around the world.
“We are excited to become part of CyberArk to set a new industry standard for privileged account security and secrets management, helping customers move to a true DevSecOps delivery model that supports greater business agility.”
In an email to Infosecurity, Quocirca analyst and director Bob Tarzey said that as effective DevOps requires the use of privilege, this acquisition makes sense.
The announcement comes in the same quarter as another acquisition impacting DevOps, when Veracode announced it was being acquired by CA Technologies.
Rik Turner, principal analyst at Ovym, told Infosecurity: "It strikes me as quite logical that CyberArk should want to buy in the area of DevOps security, given that (a) the whole area of DevOps is a hot one, with changes such as agile pushing companies into new ways of doing business; and (b) the developers can obviously be thought of as a special group of privileged users, and so a sort of natural extension of what CyberArk already does."