Cloud Security , Security Operations

Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

Kivera Integrates Controls Into Cloudflare One to Prevent Cloud Misconfigurations
Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

Cloudflare purchased a cloud security startup led by a former Armis, Tanium and IBM executive to minimize cloud misconfigurations and enhance security during cloud usage.

See Also: 2024 Gartner® Magic Quadrant™ for Security Service Edge (SSE)

The San Francisco-based connectivity cloud vendor said its acquisition of New York-based Kivera will enable inline security measures that reduce the risk of misconfigurations and human error in the cloud. The integration of Kivera into Cloudflare One will give businesses enhanced preventative controls, reduced risk of shadow cloud infrastructure and streamlined compliance enforcement.

"Almost every organization uses multiple clouds now to power their business, but that can translate to more risks and unintentional errors,” Cloudflare co-founder and CEO Matthew Prince said in a statement. “By integrating Kivera’s team and technology, we’ll be able to better help all of our customers work with any big cloud provider in the most secure, reliable manner.”

Terms of the acquisition weren't disclosed, and Cloudflare executives weren't available for additional comment. Cloudflare's stock was up $1.27 - or 1.58% - to $81.76 per share in trading Tuesday (see: Cloudflare Buys BastionZero to Guard Critical Infrastructure).

How Customers Benefit from Using Kivera's Technology

Kivera, established in 2020, employs 14 people and closed a $3.5 million seed funding round from General Advance and Round 13 Capital. The company has been led since June 2023 by Joe Lea, who previously served as president of military security firm Shift5, vice president of product at Armis, head of product at Tanium and manager for IBM's WebSphere application server product line management team.

"Existing approaches to cloud security aren't working and instead overwhelm security teams with alerts that could and should be prevented in the first place," Lea wrote on LinkedIn. "Today, our customers are effectively implementing preventative controls that stop cloud misconfigurations from happening in the first place and eliminate the wasted time spent on remediation."

Kivera’s technology enables real-time enforcement of cloud configurations, preventing security breaches caused by human error such as misconfigurations and policy inconsistencies, according to Cloudflare. With misconfigurations accounting for the majority of cloud data breaches, Cloudflare said Kivera’s technology will play a pivotal role in addressing security challenges in multi-cloud environments.

“For too long, the adoption of cloud computing has left security teams within organizations playing catch-up,” Kivera co-founder Vernon Jefferson said in a statement. “As they do their best to ensure sensitive company data is protected and compliance obligations are met, they are bombarded by alerts that they then have to investigate. We believe there’s a better way."

By 2027, Gartner expects 99% of compromised cloud records will result from user misconfigurations rather than cloud provider faults. With Kivera, Cloudflare will enhance its single-vendor SASE platform. Specifically, Cloudflare said Kivera will offer customers an improved ability to detect misconfigurations, enforce data boundaries and manage cloud security compliance seamlessly across cloud providers.

What Sets Kivera's Approach to Cloud Security Apart

With Kivera, companies can now prevent security misconfigurations and breaches before they occur, which Cloudflare said is a significant step forward from traditional reactive security approaches such as cloud security posture management. Once Kivera is integrated, Cloudflare said companies will benefit from one-click protections that prevent cloud breaches caused by misconfigurations and human error.

Kivera enables companies to define boundaries around cloud resources to prevent unauthorized data access and reduces the risk associated with unmonitored cloud infrastructure by enforcing preset standards for cloud interactions. With Kivera, Cloudflare said customers can automatically enforce compliance with major regulatory frameworks.

Cloudflare said Kivera’s proactive approach differs from traditional methods like cloud security posture management and infrastructure as code tools, which often only alert teams after an issue occurs. Kivera will help enable centralized security management, bringing DevOps-friendly preventive controls to cloud deployments and securing the complex landscape of modern cloud infrastructures, Cloudflare found.

Kivera is Cloudflare's fifth acquisition in 2024, coming just four months after the company bought zero trust infrastructure access startup BastionZero for $13.1 million to secure remote access to critical infrastructure. In April 2024, Cloudflare purchased observability startup Baselime to enhance the developer experience on serverless platforms as well as open-source deployment platform PartyKit (see: Cloudflare Enters Observability Space With Baselime Purchase).

And in March 2024, Cloudflare acquired multi-cloud networking startup Nefeli Networks to enable better network and security management within the cloud.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.