Cybersecurity behemoth Palo Alto Networks (PANW) recently announced the acquisition of observability vendor Chronosphere for $3.35 billion. The acquisition is a departure from PANW’s security pure-play roots as it will now also sell into technology buyers. This blog explores the reasons behind the acquisition and what it means for PANW and Chronosphere customers going forward.

This Is A Dual Motive Acquisition: AI And Observability

This acquisition has parallel purposes. First and most topically, it provides PANW with visibility as AI systems proliferate. Security vendors can’t secure AI agents if they can’t see what they are doing. Chronosphere provides PANW a data visibility pipeline to feed its XSIAM solution and future AI detection engines. Chronosphere’s real-time telemetry and data visibility pipelines help PANW move its security platform, Cortex, one step closer towards additional visibility.

If PANW successfully integrates CyberArk’s deep identity governance alongside Chronosphere’s observability data, it will have built up foundational capabilities for the discovery, governance, and security of AI agents and agentic AI workflows. As the risks escalate around an expanding attack surface driven by privileged AI workloads, this unification for visibility and control will be vital for closing a significant gap in the security stack for non-human entities.

Second, as PANW has moved into the SIEM market, it recognized the overlapping use cases many SIEM vendors address: security and observability. Think of vendors like Cisco Splunk, Sumo Logic, Elastic, and CrowdStrike which have solutions for both use cases. Many Forrester clients use their SIEM vendor for security and observability, thereby reducing vendor sprawl and centralizing data collection and storage. Security observability and operational observability have underpinning similarities in their data pipelines. Some enterprises, especially financial services, value the crossover. Prior to this acquisition, PANW had limited answers to the observability question, but now, it has an opportunity to extend its capabilities into the adjacent observability market.

Trust Or Bust: Vendors Race To Win Cross-Domain Buyers

This is more than just another headline. It’s a clear signal that traditional buying pattens and personas are under pressure. IT and security leaders are being challenged with platform strategies that dominate and as vendor trust becomes a critical differentiator. A buyer’s journey is often a process of confirmation, not selection. Consumers and stakeholders must:

  • Prepare for platform-driven reprioritization. The potential breakup of the Chronosphere-CrowdStrike partnership reopens capability gaps for CRWD customers, including high-cardinality metrics, AI-guided troubleshooting, and cost-control features that Chronosphere excelled at. Expect PANW to fold Chronosphere into its Cortex platform and prioritize security-centric features over observability innovation within 12–18 months. Bundling will pressure pricing and roadmaps. PANW’s aggressive platformatization strategy will reshape contract terms and roadmap priorities. Customers should anticipate bundle-driven pricing models and a pivot toward security-first development, which may dilute Chronosphere’s original focus on telemetry control and performance optimization.
  • Gain IT buyer trust. Security vendors are faced with cultural barriers. IT and development teams have historically resisted adopting tools from security vendors, favoring observability platforms that emphasize control rather than compliance. Chronosphere’s value proposition was rooted in cost transparency and operational autonomy — areas where PANW operates differently. Thus, expect skepticism and contract scrutiny. Customers evaluating renewals or multi-year commitments should factor in PANW’s integration approach and governance model. The shift from an observability-first mindset to a security-driven platform may challenge IT buyers’ trust and influence procurement decisions.

 

Forrester clients who want to continue this discussion or dive into Forrester’s wide range of AI, observability, and security research can set up a guidance session or inquiry with us.