2 min

Zscaler has announced its acquisition of Canonic Security, a cybersecurity startup specializing in protecting against attacks targeting software-as-a-service (SaaS) applications.

As more and more organizations adopt hundreds of SaaS applications, their users often connect thousands of third-party applications and browser extensions to these critical platforms without the IT team’s permission.

Canonic Security’s technology offers a solution to this “ungoverned surface area,” allowing cybersecurity and IT teams to gain visibility into the security of applications and integrations connected to specific SaaS apps before granting access to business applications.

Canonic’s capabilities will be integrated with Zscaler’s data protection offering

While terms of the deal were not disclosed, it was revealed that Canonic Security had raised just $6 million in funding since exiting stealth mode a year ago.

According to Zscaler, Canonic’s capabilities will be integrated into its recently announced data protection offering, enhancing its cloud access security broker (CASB) solution and its SaaS security posture management (SSPM) tool.

As a well-known provider of zero-trust security technologies like zero-trust network access (ZTNA), Zscaler is expanding its offerings as attackers focus more on exploiting vulnerabilities in supply chain security and APIs.

2023 should see more hacks aimed at API flaws and supply chains

According to Max Shier, Chief Information Security Officer at Optiv, leveraging vulnerabilities in APIs and the supply chain is expected to prompt the biggest hacks this year. The acquisition of Canonic Security is part of Zscaler’s efforts to prevent organizations from the growing risks of SaaS supply chain attacks.

With the integration of Canonic’s technology, Zscaler is set to streamline SaaS application governance and enforcement, providing cybersecurity and IT teams with a more efficient and effective way to monitor and secure their SaaS applications.

The deal is yet another indication of the increasingly critical role cybersecurity startups play in today’s cybersecurity landscape as organizations continue to find new and innovative ways to protect against cyber threats.

Also read: Increasing API use also means more focus on API security