Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

HPE Acquires Identity Management Firm Scytale

Hewlett Packard Enterprise (HPE) on Monday announced that it has acquired Scytale, an identity management startup that specializes in cloud-native security and zero trust networking.

Hewlett Packard Enterprise (HPE) on Monday announced that it has acquired Scytale, an identity management startup that specializes in cloud-native security and zero trust networking.

Launched in 2017, Scytale is the company behind Secure Production Identity Framework for Everyone (SPIFFE), a set of open-source standards designed for securely identifying software systems by providing a special X.509 certificate, which represents a secure identity, to every workload in a production environment. Scytale also created SPIRE, a production-ready implementation of the SPIFFE APIs.

SPIFFE and SPIRE were adopted by the Cloud Native Computing Foundation and they have been used by several major organizations. However, Scytale has also been offering a commercial product that extends SPIRE with various useful features, including ones that enable integration with SSO, SIEM and IAM platforms.

HPE says its acquisition of Scytale will provide customers and partners “the freedom to design, deploy, and achieve their IT operational goals, regardless of supplier or location, with the same level of trust that was previously achievable only through proprietary network-security schemes.”

The company says it plans on using SPIFFE and SPIRE in its own products, and it has promised to continue improving them.

“Scytale’s DNA is security, distributed systems, and open-source. Under HPE, Scytale will continue to help steward SPIFFE. Our ever-growing and vocal community will lead us. We’ll toil to maintain this transparent and vendor-neutral project, which will be fundamental in HPE’s plans to deliver a dynamic, open, and secure edge-to-cloud platform,” said Sunil James, CEO and co-founder of Scytale.

Financial terms of the deal have not been disclosed.

Related: HP Acquires Endpoint Security Company Bromium

Related: Akamai Acquires Identity Management Firm Janrain

Related: OPSWAT Acquires Network Access Control Provider Impulse

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.


Tenable has launched a $25 million venture fund to place bets on early-stage startups in the exposure management space.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.