Tenable Holdings has today announced that it has entered into a definitive agreement to acquire Alsid SAS. Alsid for Active Directory is a Software as a Service (SaaS) solution with an on-premises deployment option that monitors the security of Active Directory in real-time. The solution enables users to find and fix existing weaknesses with dynamic threat scoring, complexity ratings, and recommended actions. Alsid continuously and non-disruptively discovers new attack pathways and detects ongoing attacks in real-time, recommending remediations without the need to deploy agents or leverage privileged accounts.
Exploiting user privileges via Active Directory is a favorite and predictable tactic in many sophisticated compromises and common hacks. This risk has never been more acute than it is today, with so many people working remotely and often using personal devices to connect to corporate systems, with Active Directory playing a critical role in managed single sign-on. For this reason, organizations are increasingly focusing on securing accounts — employees, service contractors, temporary workers, systems accounts, and others — and their access to and permissions across systems as strategic to their cybersecurity posture. Understanding account access to systems and how those cascade across computing environments is a strategic and important complement to vulnerability management and systems hygiene and is increasingly imperative to managing risk holistically, especially in complex cloud and hybrid environments.
“Tightly controlling the privileges of accounts in Active Directory is as foundational to reducing risk to the business as the basic blocking and tackling of deploying security updates. As we’ve seen with the flurry of hacks, ranging from the sophisticated SolarWinds compromise all the way down to common ransomware attacks, attackers go after the Active Directory infrastructure to increase access and establish persistence,” said Amit Yoran, chairman and CEO, Tenable. “We’re impressed with the insights that Alsid brings to enterprise customers and look forward to working with the Alsid team to add this critical element to Cyber Exposure and risk management.”
“We started Alsid to help organizations solve one of the biggest security challenges, an unprotected Active Directory, which is one of the most common ways for threat actors to move laterally across enterprise systems,” said Emmanuel Gras, CEO and co-founder, Alsid. “Our approach has always focused on helping our customers anticipate future attacks so they can keep their business running as usual. We believe Tenable cherishes this same vision of cybersecurity, and we’re excited to join forces and to have the opportunity to provide our users with a better, more complete approach to cyber preparedness.”
Alsid was founded in 2016 by two former incident responders from the French National Cybersecurity Agency (ANSSI), Emmanuel Gras and Luc Delsalle. Alsid’s founders will join Tenable in senior leadership roles focused on continuing to develop innovative solutions to Active Directory risk and security assessment and expanding into new markets globally.
Under the terms of the agreement, Tenable will acquire Alsid for a total purchase price of $98 million in cash, subject to customary purchase price adjustments. The acquisition is expected to close early in the second quarter of 2021, subject to regulatory approvals and the satisfaction of customary closing conditions.
Alsid’s financial results in 2021 are expected to contribute approximately one percentage point of growth to revenue and calculated current billings and increase incremental operating expenses in the range of $15-20 million, while free cash flow is expected to be impacted to a lesser extent and be accretive some time in 2022. We expect to incur $3-4 million in acquisition-related expenses, including transaction expenses over the course of the first and second quarters in 2021. Consistent with prior practice, we plan to exclude these costs from our non-GAAP results.