With the announcement on Monday of plans to purchase build.security, a hot Israeli startup that helps enterprises implement cloud security authorization standards, Elastic NV is continuing its march into the cybersecurity market.
The acquisition’s financial terms were not disclosed.
Build.security, which has offices in Tel Aviv, Israel, and Sunnyvale, California, has raised $6 million in seed funding headed by YL Ventures.
Following Elastic’s $243 million acquisition of Endgame, the build.security agreement reinforces the Dutch company’s endpoint detection and response (EDR) capabilities.
Elastic Stack, formerly known as Elasticsearch, is a combination of search and logging software that allows enterprises to search, analyse, and visualise data at scale.
The business’s new Elastic Security division combines SIEM threat detection capabilities with endpoint prevention and response capabilities to provide a “limitless” extended detection and response (XDR) platform, according to the company.
Elastic NV said in a statement announcing the transaction, “The addition of build.security extends Limitless XDR to enable the enforcement of security measures for cloud-native environments including hosts, virtual machines, and containers controlled by Kubernetes.”
Customers will be able to continuously monitor and ensure that their cloud environments are secure in accordance with their policies, as well as continuously validate their security posture against well-established standards such as the Center for Internet Security (CIS) benchmarks, thanks to the integration of the build.security technology into Elastic Security.
Build.security sells an authorization policy management platform driven by the open source authorization engine Open Policy Agent, which was founded by Amit Kanfer with funding from YL Ventures and numerous well-known security executives (OPA).
The build.security platform aids developers in overcoming the obstacles of establishing role-based and attribute-based access controls (RBAC and ABAC) in business applications.
Access policies, such as user-to-application, service-to-service, employee-to-internal access, and data access policies, can be created, distributed, managed, and tested using the company’s tools.
Elastic and build.security intend to give the ability to administer OPA policies directly in Kibana, enforce OPA policies using the Elastic Agent, and record the results of OPA policy executions in Elasticsearch using the Elastic Common Schema once the deal is completed (ECS).
“The initial integration with build.security will focus on the Kubernetes admission controller, providing security and compliance during deployment, and will continue with build-time policies scanning cloud configuration files,” says the company. Users will be able to shift-left and enforce security for their cloud-native applications earlier in their life cycle as a result of this, according to Elastic.
