Tenable Holdings, the Cyber Exposure company, announced that it has entered into a definitive agreement to acquire Alsid SAS (“Alsid”), a leader in Active Directory security. Alsid for Active Directory is a Software as a Service (SaaS) solution with an on-premises deployment option that monitors the security of Active Directory in real time. The solution enables users to find and fix existing weaknesses with dynamic threat scoring, complexity ratings and recommended actions. Alsid continuously and non-disruptively discovers new attack pathways and detects ongoing attacks in real time, recommending remediations without the need to deploy agents or leverage privileged accounts.
Exploiting user privileges via Active Directory is a favorite and predictable tactic in many sophisticated compromises and common hacks. This risk has never been more acute than it is today, with so many people working remotely and often using personal devices to connect to corporate systems, with Active Directory playing a critical role in managed single sign on. For this reason, organizations are increasingly focusing on securing accounts — employees, service contractors, temporary workers, systems accounts and others — and their access to and permissions across systems as strategic to their cybersecurity posture. Understanding account access to systems and how those cascade across compute environments is a strategic and important complement to vulnerability management and systems hygiene and is increasingly imperative to managing risk holistically, especially in complex cloud and hybrid environments.
“Tightly controlling the privileges of accounts in Active Directory is as foundational to reducing risk to the business as the basic blocking and tackling of deploying security updates. As we’ve seen with the flurry of hacks, ranging from the sophisticated SolarWinds compromise all the way down to common ransomware attacks, attackers go after the Active Directory infrastructure to increase access and establish persistence,” said Amit Yoran, chairman and CEO, Tenable. “We’re impressed with the insights that Alsid brings to enterprise customers and look forward to working with the Alsid team to add this critical element to Cyber Exposure and risk management.”
“We started Alsid to help organizations solve one of the biggest security challenges, an unprotected Active Directory, which is one of the most common ways for threat actors to move laterally across enterprise systems,” said Emmanuel Gras, CEO and co-founder, Alsid. “Our approach has always focused on helping our customers anticipate future attacks so they can keep their business running as usual. We believe Tenable cherishes this same vision of cybersecurity, and we’re excited to join forces and to have the opportunity to provide our users with a better, more complete approach to cyber preparedness.”
Alsid was founded in 2016 by two former incident responders from the French National Cybersecurity Agency (ANSSI), Emmanuel Gras and Luc Delsalle. Alsid’s founders will join Tenable in senior leadership roles focused on continuing to develop innovative solutions to Active Directory risk and security assessment and expanding into new markets globally.
Under the terms of the agreement, Tenable will acquire Alsid for a total purchase price of $98 million in cash, subject to customary purchase price adjustments. The acquisition is expected to close early in the second quarter of 2021, subject to regulatory approvals and the satisfaction of customary closing conditions.