Cloud Security

Cisco moves to buy cloud and container security startup

Technology conglomerate Cisco is making a play in the cloud application security market, announcing plans to acquire cybersecurity startup Portshift. (Cisco)

Technology conglomerate Cisco is making a play in the cloud application security market, announcing plans to acquire cybersecurity startup Portshift. 

The purchase gives Cisco a foothold into cloud-native application security – a market that analysts expect to nearly double from $34 billion to $68 billion by 2025 – by way of a Kubernetes-native security platform. Based in Tel Aviv, Israel, Portshift brands itself as a fast, easy way to build effective security into the cloud application development process.  

Terms of the deal were not disclosed.

On Cisco's blog, Senior Vice President of Emerging Technology and Innovation Liz Centoni noted that the application security space is "highly fragmented" and that the acquisition will help Cisco serve the security needs of its customers "for all phases of the application development lifecycle."

Kubernetes, for its part, has increasingly become one of the most popular containerization management tools since its arrival in 2014, as tech behemoths like Amazon, Google and others have created specific cloud products for the tool in response to customer demand.

As companies increasingly adopt DevOps principles and send their apps through the continuous integration and continuous delivery pipeline, the need for baked-in security features earlier in the development lifecycle becomes critical.

This need to "shift left" on application security earlier in the app development process is at the heart of Cisco's rationale. Portshift's platform creates a unique and signed digital identity for each cloud application workload. It also automates runtime visibility and blocks unauthorized workloads from communicating with legitimate ones.

Ed Amoroso, CEO for consulting firm TAG Cyber, said the deal was emblematic of how networking and application development have become increasingly tethered to one another in the marketplace.

"It's interesting that many years ago, it might have seemed odd that a network equipment manufacturer would be dabbling in this area," Amoroso told SC Media in an email. "But this type of merged integration – especially the support Portshift offers for network segmentation via service mesh – exemplifies how far down the road our industry has come in the connection of networking and application development."

Centoni wrote: "Portshift aligns to Cisco’s approach of providing secure connectivity between users, devices and apps, wherever they reside; visibility and actionable insights from the end user to the application; a simplified consumption model...commitment to an open source and open standards philosophy; and breaking down the silos between developers, security teams, infrastructure teams, operations and SRE teams."

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.