Palo Alto Networks has just confirmed one more major piece of security startup M&A out of Israel: It has acquired Talon Cyber Security, a specialist in building enterprise browsers for securing distributed workforces sources. Source say the deal is valued at $625 million.
This is PA’s second Israeli security acquisition within a week: Last Tuesday, Palo Alto Networks announced that it was scooping up cloud data specialist Dig Security, for a price that sources close to the deal tell TechCrunch was around $400 million. As with Dig, Talon will be integrated with Palo Alto’s Prisma cloud security division.
We first reported that the two deals were in the works in September, after hearing for weeks beforehand that it was about to make some big acquisitions to beef up its security bench.
Talon — co-founded by Ofer Ben-Noon and Ohad Bobrov — had raised around $143 million, with its investors including Team8 (a specialist cyber investor in Israel), Entrée Capital, Evolution Equity, LightSpeed and Cyverse Capital. Sources tell us Talon was approached proactively and was not in the market to be acquired.
Today’s acquisition, along with last week’s for Dig, are significant developments in the Israeli technology ecosystem, where right now it is anything but business as usual.
The current war between Israel and Gaza — which kicked off after terrorists from the latter territory busted through the wall separating the two, killed some 1,400 civilians and took hundreds more back to Gaza as hostages — has, unsurprisingly, had a strong chilling effect on the region’s technology industry, which has in many ways come to a standstill in the last month.
As we have reported previously, tech accounts for 18% of Israel’s GDP, and some 14% of all people in the country work directly for the tech industry (with many others indirectly). A number of those civilians have either been called up for duty, or are involved in volunteer efforts, effectively putting a lot of their regular working lives on hold.
At the same time, the conflict and instability is having a big knock-on effect for investors, partners and would-be customers that want to do business in the region, something that is impacting both Israeli and Palestinian companies. (That’s not to mention the interruptions in supply chains and logistics, as well as even more basic needs.)
Some investors are even looking to step up by creating emergency impact funds specifically to fund startups that have had to pause their activities due to the situation.
Others claim the moment remains ripe for cyber in Israel from an investing standpoint.
“We are still seeing a lot of activity. The need for cybersecurity hasn’t decreased given what is happening. Actually, it’s the other way around. With the advancement of new systems and geopolitical changes, there are even more needs for cybersecurity,” said Lior Simon, a general partner at Cyberstarts, a specialist cyber investor in the region. “Funding and investments are continuing to be made, and we are getting pinged by several investors asking what is happening and what is coming out to market.”
Aside from this, there is also the image of public perception outside of the region : As shown by the recent blow-up around Web Summit and the departure of the founder from executive roles after comments he made about the situation, and a backlash against that, some of the most public efforts of energy that we are seeing coming out of the Israeli tech ecosystem right now are focused on that conflict and how that’s being represented. M&A does not feel like a top of mind concern in that regard.
To be clear, this deal for Talon, along with the one for Dig, were very much already in the works before the surprise attack by Hamas. That they managed to close them during the turmoil is notable, but what remains to be seen are how M&A activities, along with funding, and business for startups overall, will develop as the conflict wages on.
The bigger cyber picture, and how Talon fits in
The deal, Palo Alto said, will help address the rise of different devices and apps that are being used in organizations, some of which are not provisioned by the organizations themselves.
“The average enterprise uses hundreds of SaaS and web applications, meaning that most work is now done primarily via the browser,” said Lee Klarich, chief product officer for Palo Alto Networks, in a statement. “Talon enables organizations to secure all work activity via an Enterprise Browser, without touching the personal usage of the device or impacting user privacy. Integrating Talon with Prisma SASE will enable Palo Alto Networks to securely connect all users and devices to all applications, including private applications, and apply consistent security no matter who the user is and what device they use for work. Today’s announcement underscores our continued belief in the strength of the Israeli cybersecurity ecosystem and our commitment to our growing team in Israel.”
“While BYOD offers an advantage for productivity, it is also a source of significant security risk,” added Anand Oswal, its SVP and GM. “Talon’s Enterprise Browser empowers security teams with deep visibility and control over all work-related SaaS and web activity on all devices, including personal and unmanaged endpoints. SASE solutions must evolve to secure unmanaged devices with the same consistent security applied to managed devices so that users can securely access business applications using any device from any location. The unique combination of Prisma SASE and Talon will transform how organizations navigate the challenges of today’s modern and connected digital environments.”
Like Dig, Talon is working in a newer area of the wider cybersecurity market, which would make it attractive to Palo Alto as it looks to keep up with the evolving threats in the market.
Talon’s focus on the concept of an enterprise browser — a platform for large organizations to operate all of their apps and services, built from the ground up with security in mind — is still a relatively new concept in the market. As we have previously noted, though, it has already started to catch on big with customers and competitors: Island is another company in the same space.
“They’re creating a new category that has the potential of being bigger than endpoint security altogether,” a source told us in September. “They’re reinventing the operating system.”
Even as a lot of funding and M&A continues to remain largely stagnant in the current market, and Israel in particular is facing some big geopolitical barriers to activity, security continues to be a huge priority for enterprises and smaller businesses.
That is because of the cost of not managing it well. A McKinsey report from last year noted that organizations would have to spend up to $10.5 trillion annually to deal with breaches by 2025, a 300% increase from 2015. So while a lot of companies have clamped down on spending and IT budgets over the last couple years, security is one area where they have returned to spending even when other categories have remained frozen or constrained.
“For end customers, security is still a big business risk, so budgets are back in action and we’re seeing sales picking up in Q3 and Q4,” one investor told us. “Security companies will want to tap into this opportunity aggressively.”
Second, cybersecurity remains a moving target. Malicious hackers are turning to technologies like AI to break into networks, so, as smaller startups come up with new techniques to tackle the problem, they become acquisition targets for larger companies looking to stay ahead of the curve. This is where this Talon acquisition fits in.
Other examples of this include CrowdStrike acquiring security startup Bionic for $350 million, and IBM buying Polar earlier this year for $60 million — a deal IBM made, we understand, partly in response to Palo Alto buying Cider Security in 2022.
There are mega deals in this trend, too, such as Cisco’s plan to buy Splunk for $28 billion.
For security companies, it becomes a question of competitive edge both against malicious hackers and other security companies. “Palo Alto is buying partly in reaction to these deals,” one source said.