CyberArk: The $25B Answer to Palo Alto's Identity Crisis

Palo Alto HQ

By: Craig Matsumoto
July 30, 2025


Palo Alto Networks' grand "platform" strategy is coming together with the intended acquisition of CyberArk, announced today. It's expensive and will dismay the investors who dislike the platformization strategy in the first place, but it also brings Palo Alto into the identity and access management (IAM) game in time to catch an identity "inflection point," as CEO Nikesh Arora puts it.

The $25 billion deal, Palo Alto's biggest ever, amounts to $45.00 in cash and 2.2005 shares of Palo Alto Networks common stock for each CyberArk share. Palo Alto expects the deal to close during the second half of its next fiscal year, which will end July 31, 2026.

Palo Alto stock (PANW) was down 7% at $181.18 in midday trading today. CyberArk shares (CYBR) were roughly flat but had already spiked, up 13% yesterday on an early Wall Street Journal report about the deal. That puts CyberArk's market capitalization at about $21.4 billion.

Palo's Platform Play

With Palo Alto having become a kingpin of cybersecurity, Arora is on a mission to accelerate platformization.

The concept makes sense on paper. Security has so many tendrils: network security, cloud security, and so forth. AI adds an whole other set of considerations. Why not offer enterprises one platform so they don't have to gather and integrate security products from different vendors?

Palo Alto was already a platform, in that sense, having consolidated $3 billion worth of acquisitions in the past five years. Last year, however, Arora declared that the company should be platformizing faster.

Getting there will take investment, and that seems to bother Palo Alto shareholders. To attract platform customers, Palo Alto will need to offer incentives: bundles, discounts, and no-cost introductory deals. The ramifications are in the numbers. In May, Palo Alto announced fiscal Q3 gross margins of 76%, missing the analyst consensus of 77.2%, with higher cost-of-sales a likely factor.

CyberArk's Fit with Identity Security

CyberArk—founded in 1999 and public since 2014—provides identity security and privileged access management (PAM), competing with the likes of Okta and SailPoint. In that sense alone, it fills a gap in Palo Alto's portfolio.

What really makes CyberArk attractive, though, is the "inflection point" that's being caused by AI, as Arora noted in a prepared remark.

AI is making identity a more urgent matter. Common holes in identity and access management (IAM) loom larger—issues such as over-privileged credentials that the enterprise has long forgotten. Moreover, the rise of agentic AI means that the definition of identity must include machines, some of which exist only ephemerally.

That's opening new avenues in IAM. Teleport, which was already revamping "identity" to include machines and agents, recently updated Teleport Identity Security to include real-time tracking of user activity across different platforms.

AI exacerbates the problem, as agents will leap from one data source to another rapidly, making real-time anomaly detection crucial.

The Platform Race

So, CyberArk provides a useful fit for Palo Alto. But the investors already uncomfortable with Arora's platform obsession aren't likely to take well to adding another major security sector to the mix. Moreover, large deals incur growing pains. CyberArk has about 10,000 customers. Its products will take time to fold into the Palo Alto platform. Long-term, it's the right idea; short-term, it's going to cost.

Separately from the identity inflection point, Palo Alto is likely motivated by the platformization race, knowing that it's not alone. Consider the bigger cybersecurity deal that happened in March: Google's acquisition of Wiz, the cloud-native application protection platform (CNAPP) provider. That counts as an AI deal too, as Wiz can be applied to intercept threats to (or caused by) AI models. Keeping up is expensive, but Arora has clearly decided that falling behind is too costly.



Trending Articles