Dive Brief:
- Palo Alto Networks agreed to acquire IBM’s QRadar software as a service assets and intellectual property rights, as part of a broad partnership between the two companies to provide AI-backed cybersecurity to the enterprise market.
- Palo Alto Networks will become IBM’s preferred cybersecurity partner across network, cloud and security operations centers, the companies said Wednesday. In turn, Palo Alto Networks will incorporate watsonx large language models into its Cortex XSIAM platform.
- “The security industry is at an inflection point where AI will transform businesses and deliver outcomes not seen before,” Nikesh Arora, chairman and CEO at Palo Alto Networks said in the announcement. “It’s a moment to accelerate growth and innovation.”
Dive Insight:
The deal marks a significant expansion for Palo Alto Networks, which is already one of the leading providers of threat protection to the enterprise market.
Palo Alto Networks shook up much of the sector late last year when it began offering free incident response services for its top customers. The move was designed to help lock existing enterprise customers into long-term agreements and attract new customers who were previously stuck in multiyear agreements with other vendors.
The company’s stock took a hit back in February after it warned of lower-than-expected revenue growth. The company was also beginning to see competitive angst as some rivals launched competitive actions to keep Palo Alto Networks from snatching away their customers.
The companies will help migrate QRadar SaaS clients to Palo Alto Networks’ Cortex XSIAM security operations platform, however any on-premises QRadar who want to remain in that configuration, will continue to get support from IBM.
Analysts say the deal marks a recognition by IBM that it was falling behind as organizations shift their security business from on-premises to cloud-based security.
“IBM has faltered in recent years as it attempted to shift the offering to the cloud,” said Allie Mellen, principal analyst at Forrester. “Customers were frustrated with a perceived lack of innovation from IBM Security, leading to its release of QRadar Log Insights and QRadar SIEM SaaS.”
The agreement highlights a couple of trends in the security landscape, according to Peter Firstbrook, distinguished VP analyst at Gartner. The first is that customers need additional help implementing and maintaining security products due to the security skills gap.
“Concurrently, security organizations are looking for security operations solutions that require less maintenance and are more tightly integrated and corelated across the security product portfolio,” Firstbrook said. “Extended detection and response solutions like Palo Alto’s XSIAM solution are designed to reduce the workload on the security staff and provide better integration out of the box than traditional SIEM tools like QRadar.”
The companies will also develop a joint security operations center and establish a joint cyber range. IBM will train more than 1,000 of its security consultants on how to migrate, adopt and deploy Palo Alto Networks security products and its consulting arm will become the preferred managed security services provider for Palo Alto Networks customers.
The agreement is expected to close by the end of September.