is buying Attivo Networks Inc. in a bid to better protect hybrid workforces that increasingly rely on cloud-based tools.
Mountain View, Calif.-based SentinelOne will pay $616.5 million in cash and stock for Attivo, an identity-protection business that aims to detect threats to user credentials and prevent attackers from moving within corporate computer networks to steal data or disrupt operations.
The acquisition is intended to bolster SentinelOne’s platform, which automates many cyber defenses, as more employees work outside firewalls and other protections that are often structured around physical offices, Chief Executive
“Identity-borne attacks and user-based attacks are ones that we see on the rise,” Mr. Weingarten said. “It’s just a massive need in the market and an evolution of the threat landscape.”
Attivo Networks, which is based in Fremont, Calif., was founded in 2011, while SentinelOne was founded in 2013.
The companies expect the deal to close in the second quarter of this year, pending regulatory approval.
The move comes as many businesses have maintained staff outside the traditional office setting despite loosening pandemic restrictions. Hybrid or remote setups often rely on an array of devices and cloud-based tools, forcing chief information security officers to monitor increasingly complex systems.
Hackers target user credentials to gain access to data they can sell, encrypt or leak. “We decided to focus our technology and innovations on defeating the attacker in that very early stage of the attack,” said Attivo CEO
Such identity-based threats figure prominently in many ransomware incidents, including the hack last year that forced Colonial Pipeline Co. to shut down the East Coast’s largest conduit for fuel for six days.
Mr. Weingarten said SentinelOne would offer Attivo’s tools as a separate add-on to its platform. The companies already work together when it comes to certain customers, he said, and that technical partnership provides a roadmap for their coming integration.
“We definitely plan to keep the vast majority of the team,” Mr. Weingarten said of Attivo Networks, which has about 240 employees.
SentinelOne’s customers include the Montana state government, cosmetics manufacturer
Norwegian Air Shuttle AS
A, according to its website.
Investors flocked to cybersecurity companies during the pandemic as businesses digitized more of their operations, leading to a flood of threats and new investment by CISOs. The shift provided a particular boost to certain security vendors, such as SentinelOne, that license software through the cloud and have prioritized growth over profitability.
SentinelOne, which is slated to announce earnings Tuesday, said its revenue in the quarter ended Oct. 31 more than doubled from a year earlier to $56 million. The company had an operating loss of $67.4 million in the Oct. 31 quarter, compared with a year-earlier loss of $29.7 million.
Stock markets have cooled in recent months, leading to volatility for some publicly traded cybersecurity businesses. Rising interest rates and geopolitical tensions emanating from Russia’s invasion of Ukraine have made investors more skeptical of high-growth companies that burn through cash, said Fatima Boolani, co-head of U.S. software equity research at Citi.
“They have been under a lot more scrutiny and a lot more pressure,” Ms. Boolani said.
Still, investment in the cybersecurity sector continues. Last week,
Google agreed to buy Mandiant Inc. for nearly $5.4 billion in a bid to add the cyber firm’s incident-response expertise to automated tools that protect the tech giant’s cloud offerings.
Speaking about the cybersecurity sector as a whole, Ms. Boolani said, “The fundamentals are generally still in their favor.”
Write to David Uberti at firstname.lastname@example.org
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8