Palo Alto Networks Acquiring Dig Security for Reported $300 Million-$400 Million

Palo Alto Networks confirmed it is acquiring Dig Security, an Israel-based security startup that offers data security posture management (DSPM).

According to TechCrunch, citing multiple sources, Palo Alto Networks is shelling out between $300 million and $400 million for Dig Security. Palo Alto Networks isn't confirming that.

Dig Security's DSPM solution allows organizations to discover, classify, monitor and protect sensitive data across all cloud data stores. This will give Palo Alto Networks' customers visibility into and control of their multicloud data estate.

After the close of the proposed acquisition, Palo Alto Networks will integrate Dig Security's capabilities into its Prisma Cloud platform to provide near real-time data protection from code to cloud. Dig Security was founded by entrepreneurs Dan Benjamin, Ido Azran and Gad Akuka. They will continue leading their teams in joining the Prisma Cloud team at Palo Alto Networks after closing.

As we reported in September, Palo Alto Networks reportedly also is looking at acquiring Talon Cyber Security, also based in Israel. Talon Cyber Security provides enterprise browser technology. Palo Alto Networks hasn't confirmed that potential acquisition.

Dig Security to Strengthen Palo Alto Networks' Data Security Capabilities

Palo Alto Networks' Lee Klarich

"As companies build artificial intelligence (AI)-enabled applications, there will be a substantial increase in the amount of data transferred to the cloud," said Lee Klarich, Palo Alto Networks' chief product officer. "Dig's highly innovative DSPM technology helps safely enable this shift, and its dedicated team will complement and help advance Palo Alto Networks' strengths across cloud security. The announcement of our intent to join forces with Dig reinforces our longstanding commitment to our team in Israel, and to continue growing our footprint with its talented and dedicated cybersecurity professionals."

In a blog, Amol Mathur, Palo Alto Networks' senior vice president of products for Prisma Cloud, said once the acquisition closes, Dig Security will "strengthen our investment in powerful data security capabilities that extend Code to Cloud intelligence insights to cloud data stores and generative AI models, allowing security teams to have a comprehensive operational view of applications, data and cloud infrastructure, all in one place."

Palo Alto Networks' Amol Mathur

"More importantly, it will enable them to detect and respond to data exfiltration rapidly," he said.

In his blog, Dan Benjamin, Dig Security's co-founder and CEO, said combining forces with Palo Alto Networks will "help accelerate our vision through the seamless integration of Dig Security with Prisma Cloud, a move that will enhance the capabilities and offerings of both platforms."

"This acquisition is not the end of our journey; rather, it's a significant leap forward," he said. "We are committed to providing you with even more robust and innovative solutions that will empower you to protect your data in the ever-evolving digital landscape. Your data security, your trust and your success are paramount to us."

Dig Security vs. Other DSPM Acquisitions

Rik Turner, senior principal analyst with Omdia, which shares a parent company with Channel Futures (Informa), said this is the third acquisition of a DSPM vendor by a larger player, after IBM/Polar Security and Rubrik/Laminar. In both of those cases, however, the buyer was coming from a data background. In IBM’s case, Polar Security was acquired to give a cloud dimension to the Guardium data protection portfolio, or at least to bolster significantly what IBM Guardium could do with cloud-based data stores. Rubrik is cloud-native, so Laminar added a security capability to its existing data management/backup and restore offerings.

"With Palo/Dig, by contrast, the buyer is coming from a cloud security perspective, such that the DSPM technology will be used to strengthen its cloud-native application protection platform (CNAPP), adding another module to that portfolio alongside CSPM, etc.," he said. "It’s interesting because, as DSPM emerged as a market segment over the last year or so, there was discussion within our team about where it would end up. It was clearly not going to remain a standalone sector, and just like DLP and CASB before it, we saw it being incorporated into broader portfolios. This would be done by larger vendors, seeking to preach the kind of 'one-stop-shop' philosophy that is attractive to customers from a financial perspective, but also operationally. It occurred to us that DSPM could equally find a home among broader, data-centric portfolios or in cloud-focused ones, and it turns out that both those things are happening."

Not everyone among the buyers’ competitors feels the need to acquire, Turner said.

"On the data management/security side of things, major players from the on-premises world, such as Varonis and BigID, have added homegrown DSPM capabilities to make their portfolios relevant for the cloud era," he said. "Meanwhile in the CNAPP market, Palo competitors such Orca Security and Wiz have both developed their own DSPM capabilities, though the specialist startups I’ve asked about that say it’s more 'DSPM lite' than full-blown DSPM, but then they would, wouldn’t they?"

Raising the Overall Profile of DSPM

Adam Strange, principal analyst of data security with Omdia, said Palo Alto Networks will strengthen its already extensive portfolio with the addition of the Dig Security DSPM capability.

"Notably, it provides Palo Alto with a dedicated data discovery proposition, something that really forms the bedrock of broader data security posture and strategy – you cannot protect data unless you know where it is and what it is," he said. "On that basis, Dig’s DSPM solution, and with it the data-centric stance inherent within DSPM, enhances Palo Alto’s capabilities around end-point and cloud-native application protection. It also enables Palo Alto to build out a wider end-to-end cybersecurity ‘platform’ message from data, through the end-point, into the network and the cloud, together with their existing SecOps wrap. A more compelling message certainly emerges."

This acquisition also bolsters the overall profile of DSPM, Strange said. DSPM is a rapidly growing area, but it is still in its infancy.

"Palo Alto now joins IBM, Rubrik and Thales in January/February next year, in seeing the opportunity data security represents," he said. "The cumulative strength of their brands together gives credibility to the DSPM story, and underlines it as the central route to progress down in terms of robust data security, and the need for continuous assessment of data security posture to ensure conformity with required standards and policies. Data security is now firmly emerging as a separate cybersecurity discipline in its own right, which is arguably where it should have been all along. And this acquisition gives further weight to my view that data security has now emerged from a component of the wider cybersecurity discussion into a specific area requiring dedication and focus. We have progressed into data security 2.0."