Palo Alto Networks has completed its acquisition of CyberArk in a deal that recasts identity security as central to how enterprises defend themselves in an AI‑driven world. The company is positioning the CyberArk Identity Security Platform as the third pillar of its platformization strategy—alongside network security and security operations—with an explicit goal: to secure every identity across the enterprise, whether human, machine or AI agent.
This shift is grounded in how attack surfaces have changed. As cloud, automation and AI scale, identity has become the primary attack path rather than just one of many. Machine identities now outnumber human identities by more than 80 to 1, and three‑quarters of organisations admit their human identities are governed by outdated, overly permissive privilege models. Credential abuse and excessive privilege have become dominant threat vectors, and nearly 90 percent of organisations have already suffered an identity‑centric breach. In that context, perimeter controls and point tools are no longer enough; the control plane has to move closer to identities and access pathways.
From Admin-Only to Every Identity
CyberArk built its reputation around privileged access management, traditionally focused on a relatively small set of administrators and high‑risk accounts. Palo Alto Networks’ strategy is to extend those controls across the full identity landscape. The combined platform aims to democratise privileged access by enforcing least privilege for every identity—human, machine and agentic—rather than just locking down a handful of superusers.
Practically, that means shrinking standing privileges, reducing the windows in which credentials can be abused and limiting how far attackers can move if they do gain a foothold. The companies cite evidence that organisations using identity‑driven security controls can accelerate breach response by up to 80 percent, because attacks are choked at the point of credential misuse and lateral movement rather than only at the network edge. As AI agents begin to interact with applications and data continuously, often with elevated permissions, the argument is that such controls will be essential to keep autonomous systems from becoming unmanaged backdoors.
CyberArk’s solutions will continue to be offered as a standalone identity security platform, preserving existing investments and roadmaps. In parallel, integration work has begun to weave its capabilities into Palo Alto Networks’ broader ecosystem: identity will inform network segmentation, threat detection will be enriched with identity context, and SecOps workflows will be able to respond directly by adjusting privileges and sessions. The aim is to break down “identity silos” where access control and threat response are managed in separate stacks.
Strategic Signal: Dual Listing and Israeli R&D Hub
Beyond product integration, the acquisition carries symbolic and strategic weight. Palo Alto Networks has announced its intent to pursue a secondary listing on the Tel Aviv Stock Exchange (TASE), adopting the “CYBR” ticker as a tribute to CyberArk’s brand and Israeli roots. The company will retain its “PANW” listing on the NASDAQ Global Select Market, but the TASE move would make it the largest company by market capitalisation on that exchange.
This step reinforces Israel’s role as a cybersecurity innovation hub within the enlarged group. Palo Alto Networks already operates its largest R&D centre outside Silicon Valley in Israel, and the company is framing this as a primary global innovation hub for securing AI‑era infrastructure. For customers, the dual listing signals a commitment to CyberArk’s heritage and expertise rather than a simple absorption of assets.
Under the transaction terms, CyberArk shareholders are entitled to receive a mix of cash and stock for each ordinary share—US$45 in cash plus 2.2005 shares of Palo Alto Networks common stock. That structure ties former CyberArk investors directly into the future performance of the combined company, aligning incentives as the new identity‑centric security portfolio is rolled out.
Taken together, the deal underlines a broader industry trend: as organisations embrace AI and automation at scale, the most critical security question is shifting from “What is on the network?” to “Who—or what—is this identity, and what should it be allowed to do?” The Palo Alto Networks–CyberArk combination is a bet that controlling that answer, across humans, machines and agents, will define competitive advantage in the next decade of enterprise security.
