Elastic acquires Cmd to bring comprehensive cloud runtime security to customers

Elastic announced it has entered into a definitive agreement to acquire Cmd to give customers deep visibility into cloud workloads and perform expert detection and prevention on cloud-native data.

Together with Elastic’s recent announcement to acquire build.security, Cmd will add runtime security capabilities to Elastic Limitless XDR, unifying security information and event management (SIEM), endpoint, and cloud security – from build-time, to deployment-time, to runtime, all in a single search platform.

Elastic Security provides kernel-level visibility into Linux systems, as well as powerful Linux protection capabilities such as malware prevention and advanced MITRE ATT&CK-mapped Linux rules. With Cmd, Elastic will expand its security capabilities for cloud-native runtime application workloads using extended Berkeley Packet Filter (eBPF) technology.

As a leader in eBPF, Cmd provides deep and performant visibility into cloud workloads, enabling developers to rapidly innovate and deliver entirely new observability and security outcomes for users. eBPF has revolutionized how organizations observe and protect cloud workloads and is a cornerstone of efficient, safe, and all-encompassing observability for Linux.

Elastic will integrate Cmd’s cloud-native data collection and protection using eBPF directly into the Elastic Agent, and integrate Cmd’s innovative and practitioner-oriented user experience and workflows directly into Kibana.

Elastic customers will benefit from the cloud-native security capabilities of Cmd, while Cmd customers will be able to take advantage of Elastic Limitless XDR, including hundreds of stateful detections and machine learning models mapped to MITRE ATT&CK, built-in case workflows, client security on Windows and macOS, and anti-malware prevention on Linux.

Financial terms of the transaction were not disclosed.

“We are incredibly excited to join forces with Elastic to bring comprehensive cloud runtime security to customers,” said Santosh Krishnan, CEO, Cmd. “Any robust cloud security program starts with a strong analytics foundation – an area in which Elastic Security is a proven leader. Together, we will deliver intuitive investigative workflows on top of that foundation, along with preventive controls, and detection and response, to enable customers to quickly find attacks and stop them in their tracks.”

“Our vision for Elastic Security grew from listening to our users, where for years the Elastic Stack has been adopted by the security community for advanced security use cases,” said Shay Banon, founder and CEO, Elastic.

“Bringing that vision to life by joining forces with focused, innovative teams has enabled Elastic to deliver the industry’s first free and open security solution to give every enterprise the power to prevent, detect, and respond to threats from the endpoint to the cloud. We are excited to join forces with Cmd and bring deeper observability and protection to cloud native workloads with practitioner-first experiences.”

The acquisition is expected to close during Elastic’s fiscal second quarter, subject to customary closing conditions.