Cloud security company Zscaler is acquiring Canonic Security, an Israel-based SaaS application security platform provider. It aims to prevent organizations’ growing risks of SaaS supply chain attacks.

By integrating the new supply chain security capabilities into its data protection services, Zscaler strengthens its cloud access security broker (CASB) and SaaS security posture management (SSPM) offerings.

This new capability builds upon Zscaler’s recently announced zero configuration data protection solution. In addition, it builds on its focus on data protection wherever the data resides.

Zscaler isn’t disclosing financial details of its Canonic Security acquisition.

Canonic Security Adds to Existing Zscaler Data Protection

Jay Chaudhry is Zscaler’s CEO, chairman and co-founder.

Zscaler’s Jay Chaudry

“When I speak with the top global CIOs, they consistently express their challenges with efficiently securing supply chain logistics due to the massive blind spot in SaaS-to-SaaS communications,” he said. “While protecting SaaS platforms is necessary with CASB and SSPM, enterprises must reduce the supply chain attack surface, detect SaaS-native threats and automate responses. The addition of Canonic augments our CASB and SSPM capabilities, and further strengthens the growing set of services on the Zscaler Zero Trust Exchange, the world’s largest cloud security platform, and provides our customers with unprecedented visibility and security of their SaaS applications.”

Moinul Khan is Zscaler’s vice president/general manager of data protection platform.

“As enterprises adopt more and more SaaS-based services, unapproved third party connected apps are posing significant risks of data breaches and data loss,” he said. “The combination of Canonic Security’s SaaS application supply chain security solution with Zscaler’s existing data protection and CASB capabilities, while expanding its SSPM offering, enables companies to consolidate point products, reducing cost and simplifying management.”

Zscaler with Canonic Security Gives Cybersecurity, IT Teams More Visibility

Organizations are adopting hundreds of SaaS platforms. While doing so, their users are connecting thousands of third-party applications and browser extensions to their critical SaaS platforms like Atlassian Suite, Microsoft 365, Salesforce, Google Workspace and Slack without IT’s permission. Canonic Security’s solution allows cybersecurity and IT teams to gain visibility to this ungoverned surface area. They also can streamline SaaS application governance and enforcement.

“The acquisition provides Zscaler customers with unprecedented visibility and security of their SaaS platforms, and protects their crown jewels from risky third-party apps and browser extensions,” Khan said. “The global cloud security posture management market size is expected to reach $9.9 billion by 2028, rising … at a 15.2% compound annual growth rate (CAGR) during the forecast period. Combining Zscaler’s existing CASB and SSPM capabilities with Canonic Security’s SaaS supply chain security, organizations will benefit from the industry’s first integrated SaaS platform security solution.”

Boris Gorin is Canonic Security‘s CEO and co-founder.

Canonic Security’s Boris Gorin

“While the SaaS ecosystem continues to grow, traditional CASB and SSPM solutions fall short to secure against the massive amount of supply chain attacks that are targeting organizations and their critical business applications,” he said. “The combination of Canonic with Zscaler’s existing inline and out-of-band CASB and SSPM offerings is an ideal technology fit that will accelerate how enterprises address SaaS-native threats and simplify operations by reducing the number of tools for SaaS security.”