Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Cloudflare is doubling down on email security, with an agreement to acquire Area 1 Security — as the company seeks to become the top player in the realm of secure access service edge (SASE).

The acquisition price for San Mateo, California-based Area 1 Security is approximately $162 million, Cloudflare said in announcing the deal today.

While SASE doesn’t typically include email security as a component, Cloudflare cofounder and CEO Matthew Prince said in a recent interview with VentureBeat that the definition of SASE needs to go broader.

“We think email security makes total sense as part of SASE,” Prince said in the interview earlier this month.


MetaBeat 2022

MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.

Register Here

Cloudflare recently began “dipping our toe into the email space,” he said. Last September, the San Francisco-based company released a free email routing and anti-phishing solution — and it’s been “amazing” to see the demand for it, Prince said.

“We’ve had over 200,000 domains register for that,” Prince told VentureBeat. “By domain count, we became one of the largest email security providers that’s out there.”

Broadening the SASE definition

With Cloudflare’s push into email security, “I think we are trying to stretch the bounds of what what it means to be SASE,” he said.

Cloudflare’s SASE offering, the Cloudflare One platform, represents the direction that the company — known for its global network that enables strong security and performance for web properties — is most focused on now.

In coining and defining the term SASE, Gartner analysts were “trying to describe what a future network would look like, that would do all the things that you would want,” Prince said. “I think that that’s the spirit of SASE.”

Gartner’s standard definition of SASE includes capabilities for secure web gateway (SWG), cloud access security broker (CASB), next-generation firewalls and zero-trust network access (ZTNA). However, at Cloudflare, “we would argue that it’s actually bigger,” Prince said.

Ultimately, email security “is a space where — given our scale and reach — there’s a very big opportunity for us to quickly make a real dent,” Prince said. “I think that’s just a very natural addition.”

In terms of its existing email routing service, however, the offering is “relatively simplistic” at present, he acknowledged.

AI-powered email security

That is where the acquisition of Area 1 Security, which offers AI-driven protection against phishing attacks, will come in.

Last year, Area 1 blocked more than 40 million phishing campaigns that included business email compromise (BEC) attacks and attempted delivery of ransomware and other malware, Cloudflare said in a news release today.

With Cloudflare and Area 1 Security’s technologies combined, “we expect we’ll be delivering the fastest, most effective, and most reliable email security on the market,” Prince said in the news release.

On Twitter, Prince said that Cloudflare has been a customer of Area 1 Security for the past two years. “They are, by far, the best email security vendor,” he tweeted.

Cloudflare said it expects to close its acquisition of Area 1 Security early in the second quarter. It would become the ninth acquisition for Cloudflare since its founding in 2009.

Founded in 2013 by NSA alums, Area 1 Security has 75 employees and had raised more than $80 million in funding, most recently adding $25 million in June 2020.

Secure remote access

The ultimate goal of SASE is to offer a more dynamic and decentralized security architecture than existing network security architectures, since it accounts for the large number of users, devices, applications and data that are now located outside the enterprise perimeter. SASE offers a flexible and “anywhere, anytime” approach to providing secure remote access via ZTNA, CASB, SWG and next-gen firewalls.

Cloudflare One debuted in October 2020. The SASE platform provides a zero trust architecture and “network-as-a-service” approach for securely connecting users to enterprise resources, the company says, while also leveraging Cloudflare’s well-known security capabilities such as distributed denial of service (DDoS) mitigation.

Ultimately, “we believe that we’ve got the best user experience of any SASE out there,” Prince said in the previous interview with VentureBeat. “Other SASE applications slow IT teams down, are a pain to implement, and really disappoint and frustrate end users. But from the beginning, one of our key value propositions was performance. And we take that incredibly seriously.”

Earlier this month, Cloudflare added a key missing piece to the SASE offering, with the acquisition of a startup that offers CASB capabilities. Crucially, the technology offered by the startup, Vectrix, is a “modern” equivalent of a CASB, with dramatically simplified deployment compared to most existing tools, Prince said previously.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.