Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Zscaler Purchase Aims to Revolutionize Zero Trust Cybersecurity With Advanced AI
Zscaler Expands AI Security Capabilities by Acquiring Avalor

Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models.

See Also: 9 Best Practices for Artifact Management

The San Jose, California-based cloud security vendor said its purchase of Tel Aviv-based Avalor will help Zscaler strengthen its data quality and model efficiency to outpace AI weaponization by threat actors. Specifically, the combination of Zscaler and Avalor will use advanced AI analytics to simplify security operations and provide comprehensive risk profiles, according to Chief Technology Officer Syam Nair.

"This helps us continue to leverage our own internal AI data as well as additional data that comes from other platforms," Nair told Information Security Media Group. "The concept of a data fabric makes it much easier, rather than collecting all the data, connecting with the data and contextualizing it."

What Avalor Brings to the Table

Avalor, founded in 2022, employs 70 people and has raised $30 million in outside funding. The firm was led by Raanan Raz, who spent nearly six years overseeing research and development at Salesforce subsidiary Datorama before co-founding Avalor. Terms of the acquisition - which closed Wednesday - weren't disclosed, though both Calcalist and Globes reported Zscaler paid $350 million for the company (see: Zscaler CEO: Palo Alto Playing Defense as Firewall Sales Ebb).

Avalor's unified vulnerability management capabilities will be integrated with Zscaler's Risk 360 analytics product to help organizations strengthen their security posture by leveraging both external and internal data, Nair said. Bringing the two together under a single data fabric will simplify security operations and help prevent breaches by bringing more automation and real-time policy application to organizations.

"I think of us as an F1 car that's had the lead in the race," Nair said. "Avalor adds a lot more fuel to it. And for me, the fuel that it adds is for us to continue to be in the pole position both in zero trust and AI."

The first six months following the close will focus on unifying vulnerability management and risk assessment under a single data fabric, he said, and Zscaler in the next year will turn its attention to applications that can further secure and streamline operations. Specifically, Nair said, the applications Zscaler is developing will focus on boosting threat hunting, incident response and security management for clients.

"I think of us as an F1 car that's had the lead in the race."
– Syam Nair, chief technology officer, Zscaler

Nair said Avalor has a small but diverse customer base across verticals including retail, manufacturing and consumer packaged goods, which creates both cross-selling and new market penetration opportunities for Zscaler. In the coming months, Nair will track financial goals around Avalor and Risk 360, integration milestones for the data platform, and the development and delivery of new applications to customers.

"Security operations will continue to be a challenge," Nair said. "And the one way we can simplify it is by leveraging AI, whether it is predictive models or generative models. Zscaler is well positioned with the quality of the data and the data fabric to simplify and do what we did for zero trust in this area."

Going to the Acquisition Well Once Again

Avalor is Zscaler's ninth acquisition since 2018, according to Crunchbase. The deal comes 13 months after Zscaler bought Canonic Security for $16.5 million to thwart SaaS supply chain attacks and help customers streamline SaaS application governance and enforcement (see: Zscaler Buys Canonic Security to Thwart Supply Chain Attacks).

In September 2022, Zscaler purchased workflow automation startup ShiftRight for $25.6 million to provide customers with real-time visibility into their security posture and help them manage a growing influx of risks and incidents. The ShiftRight acquisition came a year after Zscaler bought deception technology startup Smokescreen Technologies for $11.7 million to proactively hunt for emerging adversary tactics and techniques.

A month earlier, Zscaler purchased cloud infrastructure entitlement management startup Trustdome for $31.1 million to control who and what has access to data, applications and services in public cloud. In May 2020, Zscaler acquired early-stage vendor Edgewise Networks for $30.7 million to protect application-to-application communications in public cloud and data center settings.

A month before that, Zscaler bought cloud security posture management startup Cloudneeti for $8.9 million to prevent and remediate app misconfigurations in the cloud. In May 2019, Zscaler got into the browser isolation space with its $13 million buy of Appsulate to provide users with secure access to web-based applications and content.

And the company's first-ever deal came in August 2018, when it purchased the development team and artificial intelligence and machine-learning technology of TrustPath to enhance security efficacy and accelerate incident response.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.