Cloudflare Acquires Vectrix for SaaS Application Security

Cloudflare, a security, performance and reliability company, has announced that it has acquired Vectrix. Vectrix provides businesses with one-click visibility and control across their SaaS applications.

Vectrix can push Cloudflare’s existing Zero Trust platform, Cloudflare One, by allowing security teams to scan third-party tools–including Google Workspace, GitHub, and AWS. Users can then detect and mitigate issues such as inappropriate file sharing and user permission misconfigurations, according to company officials.

Matthew Prince, co-founder and CEO of Cloudflare, said in a press release that Cloudflare’s global network blocks attempts to compromise data at multiple levels while accelerating traffic to the Internet. 

Integrating Vectrix’s API-driven Cloud Access Security Broker (CASB) with Cloudflare One provides enterprises with Zero Trust control of both data-at-rest and data-in-transit. Vectrix extends the security of Cloudflare’s network to the data stored in SaaS applications, giving customers a single control plane for the security of their workforce and resources.

Vectrix’s CASB scans, detects and continuously monitors for security issues across IT-managed SaaS apps like Microsoft 365, ServiceNow, Zoom or Okta.

According to Corey Mahan, co-founder and CEO of Vectrix, CASB solutions help teams with:

• Data security: ensuring the wrong file or folder is not shared publicly in Dropbox.
• User activity: alerting to suspicious user permissions changing in Workday at 2:00 AM.
• Misconfigurations: keeping Zoom Recordings from becoming publicly accessible.
• Compliance: tracking and reporting who modified Bitbucket branch permissions.
• Shadow IT: detecting users that signed up for an unapproved app with their work email.

“Everyone uses SaaS applications, from sending emails to managing HR, but simply ticking the wrong box can leave a business’s critical data exposed,” Corey Mahan, co-founder and CEO of Vectrix, said in a press release. “By combining Vectrix’s API first approach with the scale of Cloudflare’s Zero Trust platform we’re able to give customers an easy and simple way to control how data from those applications are shared.”

Mahan wrote in a blog post his teams built Vectrix to solve a problem that “terrified us as security engineers ourselves.” How do we know if the SaaS apps we use have the right controls in place? Is our company data protected? SaaS tools make it easy to work with data and collaborate across organizations of any size, he added, but that also makes them vulnerable.