VMware has entered into a definitive agreement to acquire cloud-native endpoint protection specialist Carbon Black, as well as digital transformation company Pivotal, it has announced.
With this news following the successful acquisition and IPO respectively of Carbon Black rivals Cylance and CrowdStrike earlier this year, it’s clear that next-generation endpoint security is a topic in which cybersecurity investors and vendors alike are taking a keen interest.
“Today marks an exciting milestone for Carbon Black, VMware and the entire cybersecurity industry,” said Patrick Morley, CEO of Carbon Black. “We now have the opportunity to seamlessly integrate Carbon Black’s cloud-native endpoint protection platform into all of VMware’s control points. This type of bold move is exactly what the IT and security industries have been looking to see for a very long time. We look forward to working with the VMware team to continue delivering a modern security cloud platform to customers around the world.”
Though discussion of leveraging VMware and Dell’s enterprise reach to enhance Carbon Black’s direct and channel sales suggests that it may continue as a discrete product, the primary intention behind the acquisition appears to be the integration of Carbon Black’s security solutions with VMware’s own offerings in order to provide a more comprehensive security cloud platform.
“The security industry is broken and ineffective with too many fragmented solutions and no cohesive platform architecture,” said Pat Gelsinger, CEO of VMware. “By bringing Carbon Black into the VMware family, we are now taking a huge step forward in security and delivering an enterprise-grade platform to administer and protect workloads, applications and networks. With this acquisition, VMware will also take a significant leadership position in security for the new age of modern applications delivered from any cloud to any device.”
Gelsinger echoes a common concern in the cybersecurity space, and one our own research has further demonstrated. The sheer number and variety of cybersecurity solutions available poses an architectural and budgetary challenge to IT and infosec leaders looking to incorporate them into a towering solution stack, but before that stage can even be reached, differentiating between the assorted vendors and evaluating which are worth working with is a significant endeavour in and of itself.
VMware and Gelsinger seem to feel that integrating solutions into a single, one-vendor one-contract package is the answer CISOs are looking for – and they’re certainly not alone, as the sheer number of acquisitions in the cybersecurity solution space shows. There are a number of ‘old school’ cybersecurity providers – in addition to telecoms and professional services companies – which have been snapping up smaller businesses in order to build out their own ‘one stop shop’ offerings.
It’s dubious whether CISOs will ever be able to cut down to just one security package, out of unwillingness to put all their eggs in one basket if nothing else. But consolidation to a smaller stack can only be a good thing.