Aqua Security Buys Software Supply Chain Security Firm Argon

‘Cloud-native security opens up an opportunity to connect the development side with the runtime and do security better. We want to build a company that can solve a very big problem,’ says Aqua CEO Dror Davidoff.

Aqua Security has purchased startup Argon to thwart third-party threats to the development environment and ensure the software supply chain is secure.

The Burlington, Mass.-based cloud security vendor’s acquisition of Tel Aviv, Israel-based Argon will provide more visibility into the developer pipeline and runtime posture to help customers better defend against malicious activity, according to co-founder and CEO Dror Davidoff. Argon’s technology gives companies more control over who has access to their code and what code they’re allowed to input.

“Cloud-native security opens up an opportunity to connect the development side with the runtime and do security better,” Davidoff told CRN. “We want to build a company that can solve a very big problem.”

[Related: Cloud Security Firm Aqua Security Raises $135M To Add Clients]

Davidoff said Aqua spent “tens of millions” of dollars to purchase Argon, although specific terms of the acquisition weren’t disclosed. Argon today employs 30 people focused primarily on research and development, and Davidoff said he’d like to double the size of Argon’s team to 60 people over the next year. All of Argon’s employees—including co-founder and CEO Eilon Elhadad—will be joining Aqua.

Argon will be fully integrated into Aqua over the next six to 12 months, with a loose integration in the interim allowing customers to purchase both Aqua and Argon’s technology using a single dashboard, Davidoff said. The Argon technology will be Aqua’s fifth major module, meaning that customers will have the option of either procuring it on a stand-alone basis or as part of Aqua’s platform, Davidoff said.

“As a stand-alone, it’s only one piece of a problem that CISOs are looking to solve,” Davidoff said. “Together, we have a much better offering for CISOs and the security teams.”

Argon’s technology will be available for Aqua partners to cross-sell by the end of March, and Davidoff said Aqua plans to spend the next three months preparing enablement materials, training channel partners, and doing some branding and marketing work so that partners can hit the ground running. Limited overlap exists between the Aqua and Argon channel communities, according to Davidoff.

Davidoff said solution providers can add value by helping customers understand their exposure during the software development life cycle as well as how a product like Argon’s can improve their security posture. Most customers have a severe shortage of security and DevOps personnel and need help from channel partners when it comes to setting security policies across their environment, Davidoff said.

“The Argon solution is relevant to almost every Aqua customer,” Davidoff said. “Most people are now just starting to understand the problem. … I think our channels will really like this additional product.”

Argon’s technology is well-suited for enterprises that are running in the cloud, have applications in the development pipeline, and run cloud-native technology such as Docker, Kubernetes and serverless, Davidoff said. Both Aqua and Argon’s products would typically be procured by the same individual or department in the customer’s organization, according to Davidoff.

Argon will operate independently of Aqua for at least the next year while integration work is taking place, Davidoff said. Aqua has posted growth rates in the high double digits for the past two years, and Davidoff said the addition of Argon’s capabilities should help Aqua more than double its revenue over the next 12 months.

“We have a very big mission and vision in mind,” Davidoff said. “We want to solve a big problem for the enterprise.”