Trend Micro picks up Cloud Conformity for $70 million

The deal will see all Cloud Conformity staff and customers join Trend Micro.

Cloud computing concept

Getty Images/iStockphoto

Trend Micro has announced the acquisition of Australian-based cloud security posture management firm Cloud Conformity for $70 million.

According to Trend Micro, the acquisition will help address commonly overlooked security issues caused by cloud infrastructure misconfigurations.

"As more enterprises move to the cloud, our customers feel they're operating amid a wild-west approach to cloud implementations that leave them with unmanaged risk," Trend Micro CEO Eva Chen said.

"As an AWS technology partner of the year for 2019, Cloud Conformity understands these implementations and the risks. Their offering perfectly complements our own portfolio."

As part of the acquisition, all Cloud Conformity staff will join the company, Trend Micro confirmed.

The company added that existing Cloud Conformity customers will further grow Trend Micro's current 16,000 hybrid cloud customer base. Trend Micro has also made Cloud Conformity immediately available. 

See also: 10 common security mistakes that should never be made (TechRepublic)

In August, Trend Micro fixed an issue to resolve a vulnerability found in the cybersecurity firm's password manager software that potentially could have led to DLL hijacking, privilege escalation, and code execution attacks. 

According to SafeBreach Labs, the security flaw was found after the team targeted the "Trend Micro Password Manager Central Control Service," also known as PwmSvc.exe, as the core service runs via the Windows NT AUTHORITY\SYSTEM, a process with high permission levels. 

Trend Micro then released a security bulletin describing the security flaw on August 14. Within the advisory, the cybersecurity firm noted that CVE-2019-14687 had also been patched; a similar DLL hijacking bug which impacts a separate DLL to the initial report. 

Trend Micro however, is not alone in bolstering its security offering through acquisitions. Earlier this year, FireEye purchased Verodin in a move to validate the effectiveness of cybersecurity controls.  

More recently, Broadcom sealed a $10.7 million to purchase Symantec's enterprise security portfolio. The deal gives Broadcom ownership of Symantec's entire enterprise security business as well as the Symantec brand name.

Related coverage