Digital transformation and ongoing cloud migration have led to an exponential increase in the number of machine identities, such as workloads, code, applications, IoT devices and containers. The number of machines is rapidly outpacing the growth in their human counterparts, with more than 40 machine identities for every human identity. Left unprotected, they serve as a lucrative hunting ground for cybercriminals. These machine identities need to be discovered, managed, secured and automated to keep their connections and communications safe. This is made more complex by shorter certificate lifecycles, from 398 to 90 days, and the need to be quantum ready.
According to Forrester¹, “Historically, enterprises have taken less interest in managing machine identities compared with human identities, in part because machine identities present different requirements and more complicated lifecycle challenges. However, the exponential growth of machine identities, both for devices and cloud workloads, has brought attention and urgency to improving machine identity management to reduce the risks stemming from this expanded threat surface. Machine identity growth will outpace human identities, necessitating advanced and automated approaches to effectively manage machine identities and associated risks.”
The combination of Venafi’s certificate lifecycle management, private Public Key Infrastructure (PKI), IoT identity management and cryptographic code signing, with CyberArk’s secrets management capabilities will enable organizations to protect against misuse and compromise of machine identities, vastly improve security, and stop costly outages. Having a breadth and depth of options for machine identity security all in one solution – that can be deployed as SaaS or hybrid – will enable faster risk mitigation for organizations of all sizes looking to secure modern cloud environments.
As an innovative leader in PKI and certificate management with a robust presence in modern cloud environments, Venafi offers complementary solutions that expand CyberArk’s total addressable market (TAM) by nearly $10 billion to approximately $60 billion.
“This acquisition marks a pivotal milestone for CyberArk, enabling us to further our vision to secure every identity – human and machine – with the right level of privilege controls,” said Matt Cohen, Chief Executive Officer, CyberArk. “By combining forces with Venafi, we are expanding our abilities to secure machine identities in a cloud-first, GenAI, post-quantum world. Our integrated technologies, capabilities and expertise will address the needs of global enterprises and empower Chief Information Security Officers to defend against increasingly sophisticated attacks that leverage human and machine identities as part of the attack chain. Venafi brings world-class talent who shares CyberArk’s customer-centric, people-first culture and a security-first mindset. We are thrilled to work with the Venafi team to capitalize on the tremendous growth opportunity in the identity security market.”
“It has been a pleasure to work with the Venafi team, leveraging our operational expertise to further cement Venafi as a leading force in machine identity management,” said Chip Virnig, a Partner at Thoma Bravo. “Over the course of our investment, Venafi has accelerated SaaS growth, expanded margins, and successfully created a best-in-class SaaS offering, setting the stage for continued innovation. We believe CyberArk is a great partner for Venafi and that the scaled end-to-end machine identity security platform created by this strategic combination will deliver significant value to shareholders.”
Details Regarding the Proposed Acquisition
CyberArk intends to acquire Venafi for an enterprise value of approximately $1.54 billion in a combination of cash and CyberArk shares (approximately $1 billion in cash and approximately $540 million in shares). The Boards of Directors of both CyberArk and Venafi have each approved the transaction.
The transaction is expected to close in the second half of 2024, subject to required regulatory approvals, clearances and other customary closing conditions. Other details include:
Venafi is expected to add approximately $150 million annual recurring revenue (ARR).
Venafi brings a strong business model with 95% in recurring revenue, including SaaS and Term Based License Revenue.
The transaction is expected to be accretive to margins immediately2, with significant revenue synergies through cross-sell, up-sell and geographic expansion.
Venafi brings complementary capabilities to protect machine identities and expands the Total Addressable Market (TAM) from $50 billion to $60 billion.