Cybersecurity company Palo Alto Networks has completed its $25 billion acquisition of Israel-based identity security firm CyberArk, bringing privileged access and identity security into the core of its platform strategy.
With this acquisition, Palo Alto aims to extend privileged access controls across human, machine, and AI identities, reduce standing privileges, limit lateral movement, and stop identity-based attacks faster, the company said.
The deal also marks what the company describes as the end of “identity silos,” enabling customers to manage privileged access across hybrid cloud environments through a unified platform, said Nikesh Arora, Chairman and CEO of Palo Alto Networks, in a statement.
According to Palo Alto, organizations that use identity-driven security controls can accelerate their breach response by up to 80% by preventing attackers from abusing credentials and obtaining excessive access.
Closing the privileged access gap
The move comes at a time when identity has emerged as one of the most targeted layers in enterprise attacks, driven by the rapid adoption of cloud, automation, and AI.
“In a cloud-first world, the network perimeter has largely disappeared, and identity has become the new perimeter, with most major breach reports showing that compromised credentials are central to attacks. The rise of agentic identity makes this even more urgent as enterprises deploy autonomous AI agents that read emails, query databases, and trigger workflows. These agents operate 24/7 and often hold broad permissions to function reliably,” said Pareekh Jain, CEO at EIIRTrend & Pareekh Consulting.
If an attacker compromises an AI agent’s identity, they can execute attacks at machine speed, exfiltrating data or disrupting systems faster than human teams can respond, Jain pointed out.
That is the layer CyberArk has traditionally focused on securing. The company specializes in privileged access management, and its expertise in securing credentials, passwords, and privileged accounts across hybrid, multi-cloud, and on-premises environments has made it a key player for enterprises seeking to protect their most sensitive accounts.
And while network, cloud, and endpoint visibility are areas where Palo Alto is already present, analysts say the CyberArk acquisition strengthens a capability that was not deeply native to its platform.
“The integration will strengthen Palo Alto’s zero trust strategy by embedding CyberArk’s PAM, Identity Provider from Idaptive, and Identity Governance from Zilla into its network, cloud, and SOC tools like Prisma and Cortex, enabling unified visibility, automated privilege enforcement, and protection for human, machine, and AI agent identities,” added Jain.
For Palo Alto Networks, this fills a core gap in a platform strategy because identity is the policy anchor for Zero Trust access and enforcement. It should strengthen the “reduce standing privilege and blast radius” story across cloud, endpoint, and SecOps workflows, not as a bolt-on but as a first-class pillar, said Chirag Mehta, vice president and principal analyst at Constellation Research.
Customer impact and integration risks
While Palo Alto is integrating CyberArk’s capabilities into its security ecosystem, the company will continue to offer CyberArk’s identity security solutions as a standalone platform.
This signals continuity and roadmap stability for existing customers in the near term. “Standalone CyberArk availability is expected to continue, now backed by Palo Alto’s global scale, expanded support, Unit 42 threat intelligence, and AI-driven analytics for stronger real-time risk detection,” added Jain.
However, Devroop Dhar, MD at Primus Partners, says the risk, as with any acquisition, is transition friction. “Product roadmaps may shift, interfaces change, and customers worry that pricing bundles or licensing models will evolve. Some may also worry about vendor lock-in as identity becomes tightly coupled with a single broader platform,” he said.
On the other hand, enterprises using Palo Alto had to work with other vendors to get identity governance or privileged access. Now, identity becomes a native part of the platform story, which can simplify Zero Trust programs by linking privileged identity controls to network, cloud, and SecOps enforcement, noted Mehta.
The upside is better end-to-end policy and faster response when identity is the initiating signal, Mehta said. “The watch-out is how smoothly Palo Alto integrates the tech and licensing without adding complexity or disrupting existing identity ecosystems.”
Race to own the identity plane
As security platforms continue to converge, vendors are moving away from standalone point solutions toward unified ecosystems that combine network, cloud, endpoint, and identity controls under a single architecture. This shift reflects growing enterprise demand for integrated visibility and policy enforcement rather than fragmented toolsets.
“In putting identity deeply into its stack, Palo Alto moves closer to competing with Microsoft’s identity-centric approach and with broader platform players combining endpoint, cloud, and access security,” Dhar said. Jain noted that this acquisition also positions Palo Alto as a full-stack identity player in identity security (PAM, IGA, IdP), challenging Okta and others by combining CyberArk’s depth with superior threat detection and SASE.
No Responses