Cloudflare Expands Zero Trust Capabilities with BastionZero Acquisition

Cloudflare has announced the acquisition of BastionZero, a Zero Trust infrastructure access platform, to further strengthen remote access to core IT systems for customers of Cloudflare One, the company’s secure access service edge (SASE) platform.

Combined with existing Cloudflare One capabilities, the acquisition of BastionZero gives IT and security teams Zero Trust controls for infrastructure like servers, Kubernetes clusters, and databases. This expands the scope of Cloudflare’s VPN replacement solution beyond apps and networks to infrastructure resources. As a result, security teams can centralize management of even more of their hybrid IT environment, while using standard Zero Trust practices to keep DevOps teams productive and secure.

With traditional virtual private network (VPN) security set-ups, developers and systems architects are granted overly permissive and long-lived access to a company’s most sensitive systems, such as servers and databases. In a world of hybrid work, this is an increasingly costly, risky, and outdated approach, hindering the ability to securely deploy new systems and react to a fast-changing business environment.

“The world of work has changed dramatically. Employees have the expectation that they can effectively do their work from anywhere. There’s no reason why teams managing an organization’s most important systems can’t have the same flexibility,” said Matthew Prince, co-founder and CEO, Cloudflare. “Incorporating BastionZero into Cloudflare One gives IT teams access to an organization’s most critical inner workings securely, wherever they are. Millions of organizations around the world trust Cloudflare to protect their systems and data so they can focus on their business and their customers. The addition of BastionZero is just one more way we can protect them like no one else can.”

Adding BastionZero’s technology to Cloudflare One will give hybrid and remote IT teams access to their most critical assets remotely, resulting in:

  • Increased security: Eliminating the need and risk of long-lived passwords and credentials by making it even easier to abide by Zero Trust principles for system access.
  • Increased compliance: Ensuring just-in-time permissions for every person trying to access core systems and servers—such as developers and systems administrators—even if they’re working remotely, while following centralized policy controls with identity-aware logging.
  • Increased control: Enabling individuals to have access to information and systems only when they need it with “just-in-time” policy options.
  • Reduced complexity: Removing the need for legacy workaround security patches between systems (e.g. jump hosts) and more quickly granting access across complex infrastructure with policy controls and observability.

“Scalable and secure remote access to company servers and other infrastructure is table stakes for every IT and development team,” said Sharon Goldberg, Co-founder and CEO at BastionZero. “But home-grown solutions increasingly create security risks and operational costs. This acquisition enables us to deeply integrate BastionZero’s unique cryptographic approach for simple passwordless infrastructure access into the world’s largest secure access service edge (SASE) network. We’re proud to join Cloudflare to help companies provide Zero Trust access to their most critical infrastructure assets.” Oppenheimer & Co. Inc. acted as exclusive financial advisor to BastionZero on this transaction.

Launched in 2020, Cloudflare One is one of the fastest-growing platforms for secure access service edge (SASE) and security service edge (SSE) services. Companies worldwide rely on Cloudflare One to ensure only the right employees have access to the right internal systems and data at the right time with minimal burden on employees. This acquisition will expand Cloudflare’s cloud security capabilities in the SASE market.

According to Gartner, “Over the next five years, the market for secure access service edge will grow at a compound annual growth rate of 29%, reaching over $25 billion by 2027. The underlying SASE products that buyers will use will be split between single-vendor and dual-vendor approaches.”

Cloudflare One is a key part of Cloudflare’s connectivity cloud, enabling organizations to bring more IT security tools onto a single platform and making it easier to implement secure access to all their resources, from developer access to technical infrastructure to ever-expanding cloud services.

Leave a Reply

Your email address will not be published. Required fields are marked *