Cloudflare has completed its acquisition of Area 1 Security for an undisclosed amount. Cloudflare announced its intent to acquire Area 1 Security on February 23, 2022. That it has been completed so quickly is a surprise. Neither company has investors in common, so this is likely an all-cash deal.
Matthew Prince, co-founder & CEO of Cloudflare, said, “Cloudflare’s mission is to help build a better Internet, and we’ve invested heavily in building the world’s most powerful cloud network to deliver a faster, safer, and more reliable Internet for our users. Now we’re officially able to welcome the Area 1 team to Cloudflare and enhance our ability to secure the number one place where security threats come from, email.
“To us, Zero Trust security without email built in is worth nearly zero. By bringing email security and Zero Trust together with Area 1 Security, we believe that we will give customers the most complete Zero Trust security platform available.”
Why has Cloudflare acquired Area 1 Security?
Phishing, malware, scams and business email compromise have significantly increased over the last two years. It is an area where Cloudflare has limited capability. It only released its first email solution last year with Email Security DNS Wizard. This acquisition will give it the capability it currently lacks.
The expectation is that blocking phishing, malware and business email compromise will enhance Cloudflare’s existing Zero Trust offering. The question is, how long will that take? Both companies are cloud-native solutions with established APIs. That should speed up the integration.
Both companies are also vendor agnostic. That should make integrating its Zero Trust offering easier into any enterprise.
Enterprise Times: What does this mean?
The speed of completion here is impressive. What remains to be seen is how long before we see Area 1 Security fully integrated into the Cloudflare platform. The press release says it was available for existing enterprise customers to buy from April 1. However, as yet, it does not appear on the Cloudflare website. Those customers who want to buy have to go to the Area 1 Security website.
It will also be interesting to see how the pricing model adapts. Currently, Area 1 Security offers a Pay-per-Phish option. That means you only pay if and when it detects a phishing attack. You can also cap your costs and stop paying after a certain number of phishing attempts have been detected. It is a very different model from Cloudflare, and building a single platform offering at a simplified price across both vendors’ solutions could be challenging.
That said, this is a good move by Cloudflare, which seems keen to broaden its platform. In February, just before announcing its plans for Area 1 Security, it also announced the acquisition of Vectrix. Is it about to go on a spending spree? If so, who is next in its sights?