Trend Micro has just announced the acquisition of Sydney Headquartered start-up, Cloud Conformity for $70m. The acquisition is to expand the company’s cloud security portfolio over the Corporate network Infrastructure to alleviate any security misconfigurations.
After the acquisition, Trend Micro is immediately offering the Cloud Security Posture Management (CSPM) platform to its global customers.
Cloud Conformity-the 50 person Australian based start-up was founded in 2015 and offers companies complete access and visibility into their AWS and Azure environments, receive alerts and prioritize counteractions to improve governance, security and compliant regulations.
Regarding the announcement, Eva Chan CEO of Trend Micro reported, “As more enterprises move to the cloud, our customer’s feel they’re operating amid a wild-west approach to cloud implementations that leave them with unmanaged risk. As an AWS technology partner of the year for 2019, Cloud Conformity understands these implementations and the risks. Their offering perfectly complements our own portfolio.”
After the acquisition, Trend Micro will join the company and additionally, Cloud Conformity’s existing customers will further increase the 16,000 Trend Micro’s Customer database.
Trend Micro reported Gartner findings that by 2023, 99% of the Cloud Security failures will be Customer’s fault, and by 2024, companies if they deploy Cloud Security Posture Management (CPSM), the failure will be reduced by 80%.
Essentially, after the acquisition, customers wouldn’t be facing the challenge of misconfigurations in their Cloud deployments and it would certainly avoid the organizations from cyber security risks.
In the preliminary events of August, Trend Micro resolved a cyber-security vulnerability found in the firm’s own password manager software that could eventually led to DLL hijacking, privilege escalation, and code execution attacks.
SafeBreach Labs reported that the bug was found by the core team while targeting, “Trend Micro Password Manager Central Control Service,” which is a high-permission level service running under the Windows NT Authority/system.
On August 14, company released a security bulletin describing the flaw. Within the flaw, the cyber security firm claimed that CVE-2019-14687 had also been patched; a similar DLL hijacking bug which impacts a separate DLL.
Trend Micro isn’t the first one to proliferate its security services through acquisitions. In the events around the year start, FireEye acquired Verodin to increase its cyber security controls. Another company, Broadcom landed a $10.7 million deal for the acquisition of Symantec’s enterprise security offerings.