Why Cisco Systems (CSCO) Is Buying Portshift

By Amit Chowdhry ● October 5, 2020
  • Cisco Systems, Inc. (NASDAQ: CSCO) recently announced a decision to buy Portshift. These are the details.

Cisco Systems, Inc. (NASDAQ: CSCO) recently announced a decision to buy Portshift, which a privately held company based in Tel Aviv, Israel, focused on building application security solutions that span a large portion of the lifecycle of cloud-native applications, from development and policy enforcement to vulnerability management and run-time protection. And Portshift’s team brings cloud-native application security capabilities and expertise for containers and service meshes for Kubernetes environments to Cisco, thus allowing the company to move toward the delivery of security for all phases of the application development​ lifecycle.

This acquisition of Portshift represents Cisco’s focus on the next wave of innovation by anticipating, investing in and incubating new technologies that Cisco can scale and take to market. And through Cisco’s Emerging Technologies and Incubation (ET&I) group, Cisco incubates and advances new and emerging technologies that address its customers’ most challenging enterprise IT issues. Application Security is known as being one of the initial focus areas of ET&I.

“As the proliferation of cloud-native apps continues to accelerate with the aim to transact business efficiently and securely from anywhere, the security landscape is converging toward protecting both people and applications. Business agility requirements are pushing security up the stack and earlier in the application development lifecycle​, accelerating time to results. As these cloud-native apps become more pervasive, application and workload security take on a higher priority,” wrote Liz Centoni, Senior Vice President and General Manager IoT at Cisco.

To help and empower our customers and partners, Cisco has been aiming to deliver security solutions for these cloud-native development environments and to add application security constructs much earlier in the development lifecycle – which is a company initiative referred to as Shift Left. With the Velocity and Simplicity perspective, this implies developing new application and workload security​ software services for providing seamless button-click deployment of a security framework into customers’ CI/CD pipelines and eventual production runtime environments​. And with the operating model and teams standpoint, it implies providing the application developers, security teams, platform teams, and all SRE teams in the dev-deploy chain with the appropriate context, policy enforcement, vulnerability management, risk management, and runtime security and observability hooks.

“Portshift aligns to Cisco’s approach of providing secure connectivity between users, devices, and apps, wherever they reside; visibility and actionable insights from the end-user to the application; a simplified consumption model that includes cloud-first Secure Access Service Edge (SASE) capabilities; commitment to an open-source and open standards philosophy; and breaking down the siloes between developers, security teams, infrastructure teams, operations, and SRE teams,” added Centoni.

This acquisition is expected to close in the first half of Cisco’s FY21. And the Portshift team will join Cisco’s ET&I group.