Amazon.com (AMZN) and Microsoft (MSFT) are poised to grab market share in the growing field of cybersecurity as companies move more business workloads to their cloud computing services.stock but in general you want to see a stock that’s trending higher so yourhttps://imasdk.googleapis.com/js/core/bridge3.426.0_en.html#goog_362020484Volume 0%
But the two tech powerhouses are going about it in different ways. Microsoft has been more aggressive in making acquisitions to become a bigger player in cybersecurity. Amazon’s priority, meanwhile, is speeding up adoption of cloud computing, even if it means cooperating with industry incumbents.
But Microsoft’s Azure cloud computing service and Amazon Web Services — the units housing their cybersecurity businesses — have expanded security offerings via their divergent paths, says William Blair analyst Jonathan Ho.
“Amazon typically provides something basic, that’s good enough while Microsoft is building best-of-breed products that will compete with third-party vendors,” he said. “Microsoft views security as an area where they want market-leading products.”
Cybersecurity Beckons As Cloud Computing Grows
With its roots in Windows and Office productivity software, Microsoft already has a sizable cybersecurity business. Microsoft bundles some security products with its cloud-based Office 365 productivity tools. In a recent report to clients, Morgan Stanley analyst Keith Weiss estimated Microsoft’s 2020 security revenue at $5 billion.
Microsoft competes with cybersecurity firms such as Proofpoint (PFPT), Splunk (SPLK), CrowdStrike Holdings (CRWD), Okta (OKTA), startup Netskope and others.
Microsoft rolled out a cloud service of its own in 2019. Called Azure Sentinel, it tracks security incidents across a company’s computing network and detects threats.
Said William Blair’s Ho: “Microsoft has become much more competitive in recent years. They’ve been making improvements in endpoint, in email, mobile device management, and with Azure Sentinel.”
But it’s unclear how much of Amazon’s nearly $300 billion in annual sales comes from cybersecurity.
AWS in late March announced that its new “Detective” security platform was available for all customers. Amazon Detective collects log data from AWS customers. It helps customers analyze, investigate and identify the source of security issues.
The Detective service has its roots in Amazon’s 2018 acquisition of startup Sqrrl Data.
Microsoft Acquisitions Fuel Cybersecurity Push
To speed up its push into cybersecurity, Microsoft has acquired three Israeli startups since 2014 — Aorato, Adallom and Hexadite. Another purchase could be coming.
Microsoft reportedly is in talks to buy CyberX, a security startup focused on the Internet of Things. These are web-connected digital devices in telemedicine, factories, energy, smart cities and a number of other industries.
If Microsoft pushes into IoT security, it would square off vs. Palo Alto Networks (PANW) and others.
Morgan Stanley’s Weiss does not expect Microsoft to buy a large cybersecurity incumbent.
“Microsoft will likely continue to invest in security tech tuck-ins, rather than mature security businesses,” he wrote.
The Markets Where Microsoft Now Plays
Weiss noted that most Microsoft security revenue comes from email and endpoint security. While basic Office 365 plans offer anti-spam and malware protection, Microsoft upsells advanced anti-phishing and threat prevention tools.
In the endpoint market, Microsoft competes against Symantec, CrowdStrike and many others. Endpoint security tools detect malware on laptops, mobile phones and other devices that access corporate networks.
Weiss says Microsoft has also gained traction in identity and access management vs. Okta, Ping Identity (PING) and others. IAM software verifies the identity of computer network users. The tools manage the usernames, passwords and access policies of employees, customers and partners.
The new cloud-based Sentinel service competes in security information and event management, also known as SIEM, vs. Splunk, startup Exabeam and others.
Amazon Aims To Be One-Stop Shop
AWS, meanwhile, typically showcases products and services for large companies at its annual re:Invent conference in December. While AWS is the biggest cloud computing service, competition in the enterprise market has intensified vs. Microsoft and Alphabet‘s (GOOGL) Google.
AWS has been developing its own database, security and other enterprise software.
Further, analysts say that by adding plug-in software to its core cloud computing services, AWS aims to be a one-stop shop for large companies.
AWS also aims to provide self-service cybersecurity tools for cloud customers to avoid data breaches. Capital One Financial (COF), an AWS customer, in July 2019 reported a large data breach. Analysts say AWS has added fewer financial services customers since then.
‘Coopetition’ With Other Security Vendors
One question is whether Amazon or Microsoft will be more open to integrating third-party security tools into their cloud-computing platforms.
AWS has taken an unusual tactic. It makes cybersecurity tools from outside vendors available at its cloud marketplace, says Ho.
“Amazon is a competitor but they also want the security vendors to be there,” said Ho. “If you’re adding value, if you’re innovating, if you’re making the cloud safer — and giving people more reason to move to the cloud, then Amazon doesn’t want to drive you out. It’s a ‘coopetition’ model.”
