The acquisition will enable Tenable to extend its cloud strategy to support enterprises in securing their full cloud stacks, both at build time and runtime
Cyber Exposure company Tenable Holdings has signed an agreement to acquire cloud-native security firm Accurics for nearly $160m in cash.
The acquisition is expected to allow Tenable to provide programmatic assessment and automated mitigation for infrastructure as code (IaC) before they pose risks to cloud deployments.
It is anticipated to extend Tenable’s cloud strategy to support enterprises in securing their full cloud stacks, both at build time and runtime.
Upon completion of the Accurics acquisition, the cybersecurity solutions provider will be able to include the automated remediation of policy violations and breach paths into its solutions.
Accurics’ enterprise offering is developed to scan IaC for misconfigurations and monitors provisioned cloud infrastructure for drift.
Tenable is expected to integrate Accurics’ solutions with its Tenable.io Container Security, a solution that integrates security into DevOps, Frictionless Assessment, which eliminates the need for agents or scanning to provide continuous visibility and assessment of cloud assets.
The solutions developed by Accurics also include Terrascan, an open-source tool for DevOps, which is claimed to have become a foundational part of cloud IaC practices.
Tenable chairman and CEO Amit Yoran said: “Fully integrating security into the DevOps process and leveraging IaC processes to assess and prevent problems before deployment will secure cloud operations at speed and scale.
“From the introduction of Terrascan to their enterprise platform, Accurics is leading that revolution. Together, we will enable organizations to push their cloud and ‘as code’ journeys forward — with IaC, with containers and compute instances.
“This is all about accelerating innovation and simultaneously enabling security in ways previously not possible.”
Tenable and Accurics intend to launch a complete lifecycle approach to modern risk management, following the completion of the transaction.
The approach is expected to leverage IaC to fix problems for any cloud environment, before the businesses get exposed to the risks.
The transaction is expected to be completed late in the third quarter or early in the fourth quarter of this year, subject to the satisfaction of customary closing conditions.