RedLock provides visibility and automated threat detection and response across an organization’s public cloud environment. The acquisition will boost Palo Alto Networks’ security analytics capabilities across multiple clouds including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. RedLock also provides technology to automate remediation by integrating with existing incident response workflows.
“What does that look like in the real world?” wrote Palo Alto Networks’ Chris Morosco in a blog post. “Say, for example, that a developer accidentally leaks cloud access keys on a well-known forum such as GitHub, and that as a result of this, a hacker attempts to log in to the cloud environment using those keys. RedLock’s fast analytics detect that the key is being used in an unusual location to perform an unusual activity — and immediately alert the SOC team, with a full history of all activities associated with that key.”
RedLock is the latest purchase in Palo Alto Networks’ recent buying spree. It scooped up Secdo, a security company that does endpoint detection and response, in April. And a month prior it bought Evident, a startup that does public cloud infrastructure security, for $300 million.
The company says it will combine the Evident and RedLock technologies into one product that provides cloud security analytics, advanced threat detection, continuous security, and compliance monitoring. This will help security teams respond faster to threats by replacing manual investigations with automated, real-time remediation and reports that show a company’s cloud risks. Palo Alto Networks plans to release the new product early next year.
The acquisition is expected to close during Palo Alto Networks’ fiscal first quarter.
RedLock, based in Menlo Park, California, was founded in 2015. It raised $12 million in a seed round and Series A round.