Cybersecurity platform provider CrowdStrike announced plans to acquire Adaptive Shield, a SaaS security posture management (SSPM) vendor. Some sources reported the purchase price to be around $300 million. If that purchase price is accurate, based on Forrester’s estimates of Adaptive Shield’s current revenue, that price represents an approximately 12–15x revenue multiplier and 6 times more than Adaptive Shield’s total funding raised. As CrowdStrike moves past its July 2024 global Windows outage and commits to improving its software quality assurance processes, the time was right for the company to expand its product portfolio. Forrester observes the following:

  • Adaptive Shield brings needed SaaS security insights to CrowdStrike and extends its monitored endpoint range. CrowdStrike acquired Adaptive Shield for its SaaS security and posture management technology — Adaptive Shield will allow CrowdStrike to perform configuration drift detection and malware and ransomware scanning on SaaS endpoints (Box, Dropbox, OneDrive, etc.), adding to the heritage S3, Azure blob, and GCP coverage. Additionally, Adaptive Shield has differentiated configuration compliance libraries and configuration drift detection with its scalable offering. The acquisition supports CrowdStrike’s goal of building a comprehensive cloud security platform, including cloud detection and response capabilities, and follows similar steps taken by Palo Alto Networks and Zscaler.
  • Creating a true cloud and identity security platform is hard. CrowdStrike (and its competitors Trend Micro and Wiz) have been on an acquisition spree: CrowdStrike has bought Flow Security, Bionic, Reposify, and Secure Circle to enhance its organically built heritage cloud workload protection portfolio and growing identity threat protection capabilities. Building a true platform with integrated policy management, unified architecture, generative AI copilots, and central reporting is difficult and time-consuming: Palo Alto, Trend Micro, Wiz, and other cybersecurity platform vendors have struggled to integrate these capabilities completely into a single platform, even without acquiring an SSPM vendor themselves. It is likely that it will take CrowdStrike at least 18–24 months to achieve complete integration here.
  • More SSPM acquisitions will follow. As with any maturing technology area, large vendors start acquiring successful smaller vendors when the hockey stick of enterprise adoption begins. We are now at that point in SSPM. Forrester expects that in the next 18–24 months, AppOmni, DoControl, Spin.AI, and other SSPM vendors will be likely acquisition targets for large cloud security vendors such as Palo Alto Networks, Qualys, Tenable, Trend Micro, and Wiz for platform building. Forrester sees this as similar to the recent ITDR acquisition spree across IAM and non-IAM vendors.
  • CrowdStrike is raising the profile of identity security. Building on its existing identity and threat detection product, with this acquisition, CrowdStrike continues to emphasize the importance of identity-centric security to drive better alignment between IAM and cybersecurity teams. The strategy initially started with CrowdStrike’s 2020 acquisition of Preempt Security for its conditional access technology. Given its cybersecurity market position, CrowdStrike’s emphasis on identity security is a boon to the overall identity security market, but it foreshadows a coming reshaping of the IAM vendor landscape and competitive dynamics over the next 24–36 months.