Elastic to Enhance Support for Cloud-Native Security

Elastic, the company into Elasticsearch and the Elastic Stack, today announced that it has completed the acquisition of build.security, a policy definition and enforcement platform that leverages the open source standard Open Policy Agent, to enable organizations to enforce security actions for cloud-native environments. The plan is to acquire Optimyze, the company behind the continuous profiling platform Prodfiler. Terms of the deal were not disclosed.

Elastic, which develops one of the largest open source based search engines in the world, plans to expand into the world of security with the acquisition of the Israeli startup. Build Security has developed a permissions policy management platform that offers developers a quick and easy way to neutralize data security vulnerabilities in their products.

We are excited to welcome the build.security team to Elastic as we join forces to help organizations eliminate blind spots, stop threats, and extend Limitless XDR to the enforcement of security actions for cloud-native environments,” said Shay Banon, founder and CEO, Elastic.

The news follows less than two months after Elastic, the company behind the Elasticsearch big data analytics and search engine, acquired two cloud security companies called Cmd and Build.Security. Elastic expands cyber skills with the acquisition of Israeli startup build.security

With a $14B market cap, Elastic enhances its open-source-based search engine and establishes its first Israeli R&D center. Build.security will enhance our customer’s ability to ensure that their cloud environments are secure in keeping with the policies they have in place, continuously validate their security posture against well-established standards such as the CIS benchmarks, and resolve the complexity associated with building authorization into applications at deployment time.”

With Optimyze under its wing, Elastic is now well-positioned to “unify the pillars of observability” (metrics, logs, and traces) with new continuous profiling capabilities, enabling its customers to both observe and protect their data through a single integrated platform.

With the steady shift to SaaS and cloud computing, computational efficiency has become a major factor for companies’ bottom line. Continuous profiling belongs to the broader software monitoring category which is known as observability, which is all about measuring the internal state of a system by analyzing the outputs - this can help establish how performant a system is and identify issues.

Companies have slowly embraced continuous profiling as a means to monitor all the resources that an application is using, such as CPU or memory, serving engineers with deeper insights into which specific piece of code is the most resource-intensive.

This data can help companies reduce their cloud bill, for example, given that cloud platform providers typically charge on a consumption basis. Google was one of the early champions of continuous profiling, detailing the concept in a 2010 article.

Build.security co-founder and CEO, Amit Kanfer, is among the key staff joining Elastic. Financial terms of the transaction were not disclosed. Build Security was seeded by YL Ventures, a leading cybersecurity-focused venture capital firm headquartered in Silicon Valley.

At the same time, Elastic said that it expects to close the Optimyze acquisition by the end of the year.