New Acquisition Signals Growing Interest from Palo Alto Networks in the Israeli Cyber Arena
Palo Alto Networks, a major American cybersecurity firm, has announced plans to acquire CyberArk, a leader in identity and access security. The company aims to complete this transaction by summer 2026, with a deal valued at approximately $25 billion, paid in a combination of cash and stock. This move underscores Palo Alto’s strategic focus on expanding into the Israeli cybersecurity market, particularly as most of its recent acquisitions have taken place within Israel itself.
Historically, Palo Alto Networks has shown a strong inclination toward acquiring innovative Israeli cybersecurity companies. Notable acquisitions include:
– Cider Security in November 2022, specializing in application security, for around $195 million.
– Dig Security in December 2023, focusing on security posture management related to data, estimated at $400 million.
– Talon Cyber Security, also in December 2023, offering enterprise browsers, with an estimated value of $625 million.
The latest deal, noteworthy for its scale, involved the American company Protect AI, valued between $650 million and $700 million.
CyberArk: A Major Player in Privileged Access Management
The planned acquisition of CyberArk marks Palo Alto Networks’ first significant entry into the identity security segment, an area where it has been relatively absent. CyberArk’s platform centers around Privileged Access Management (PAM), which now secures approximately 8 million end-users globally. Founded in 1999, CyberArk boasts a valuation of around $1.3 billion, with about 10,000 clients and 4,000 employees. Meanwhile, Palo Alto Networks claims a customer base nearing 70,000, with 16,000 employees and projected revenues of $9.18 billion for its current fiscal year ending July 31, 2025.
In Gartner’s latest Magic Quadrant for PAM solutions, CyberArk is classified as a “leader.” The technology research firm highlights the maturity of several CyberArk products, including privileged account and session management, privilege elevation and delegation on Windows, and secrets and machine identity management. Additionally, Gartner values CyberArk’s global presence and its innovation efforts, such as Just-In-Time (JIT) access and native database access management.
However, Gartner also offers some critiques: the company’s updates tend to be resource-intensive, its support services receive mixed reviews, and there are limitations in privilege elevation management on UNIX/Linux and Mac platforms. Its pricing is also noted as being among the highest in the market.
Aside from PAM, CyberArk is also recognized on Gartner’s Identity and Access Management (IAM) Magic Quadrant, where it is labeled a “challenger.” Here, Gartner praises its AI-driven tools like the CORA AI engine, its support and training programs, and the extension of its detection and response functionalities. Nonetheless, pricing remains on the higher side, and the company has less recognition and fewer clients in certain segments like Customer Identity and Access Management (CIAM) and Partner Identity and Access Management (PIAM).
The Strategic Rationale: Why Identity Matters More Than Ever
Palo Alto Networks emphasizes that, beyond its traditional security offerings, Privileged Access Management is now more vital than ever. The key driver is the rise of autonomous, agent-based systems, which significantly increase the number of machine identities—estimated to be 80 times more numerous than human identities as of April 2025 (CyberArk).
Managing these machine identities as privileged users is critical because their behavior tends to be unpredictable and often non-deterministic. Palo Alto argues that in today’s security landscape, every user should be considered a potential privileged user, especially considering that approximately 88% of breaches involve stolen credentials (Verizon Data Breach Investigations Report, 2025). This perspective pushes organizations to adopt more sophisticated, scalable identity security solutions that can handle both human and machine actors efficiently.
By integrating CyberArk, Palo Alto aims to bridge its existing technologies with advanced identity security capabilities, positioning itself to better address the complexities of modern cyber threats. The expectation is that PAM solutions, which can now be deployed at a cost comparable to traditional IAM systems, will become essential tools for protecting organizations against a growing landscape of adversaries.
With this acquisition, Palo Alto Networks clearly signals its belief that securing the proliferation of machine identities and enabling dynamic, privilege-based access controls are critical components of a comprehensive cybersecurity strategy in the digital age. As cyber threats evolve, so must the approaches to safeguarding access—making this move by Palo Alto both timely and strategically significant.
