Microsoft to Acquire RiskIQCompany Will Join Microsoft's Cloud and AI Division
Microsoft announced Monday a definitive agreement to buy RiskIQ, an attack surface management and threat intelligence firm.
Although the two companies are not discussing financial details, BNN Bloomberg is citing sources who put the price tag at $500 million in cash.
Microsoft tells Information Security Media Group it's not yet disclosing when the deal is expected to close.
Michelle Abraham, research director in IDC's Security and Trust Group, notes that while the deal has a threat intelligence element, she believes it also brings something new to Microsoft.
"My thoughts on the deal are actually in a different direction with the addition of RiskIQ adding attack surface management to Microsoft. The ability to provide an external view of IT assets, especially of previously unknown cloud assets, will be helpful for Microsoft Azure customers, so they know what they have to secure," she says.
"The combination of RiskIQ's attack surface management and threat intelligence empowers security teams to assemble, graph and identify connections between their digital attack surface and attacker infrastructure and activities to help provide increased protection and faster response," says Eric Doerr, Microsoft's vice president of cloud security.
San Francisco-based RiskIQ, which was founded in 2009, has between 100 and 250 employees, according to the tracking site Crunchbase.
Once the deal is closed, RiskIQ employees will be joining Microsoft’s cloud and AI division, Microsoft says.
Commenting on the deal, RiskIQ co-founder and CEO Elias Manousos says that adding RiskIQ's attack surface and threat intelligence solutions to the Microsoft security portfolio will "enable best-in-class protection, investigations and response against today's threats."
Microsoft Acquires ReFirm Labs
In June, Microsoft announced the purchase of the firmware analysis company ReFirm Labs. The financial details of that deal were not disclosed.
ReFirm Labs' technology focuses on scanning firmware for security issues, an important step as more devices flood the market and expand the available attack surface, Microsoft says.
Other Acquisition Activity
In other recent merger and acquisition activity:
- ZeroFox has acquired darknet threat intelligence company Vigilante.
- Barracuda entered into a definitive agreement to acquire Melville, New York-based SKOUT Cybersecurity, a developer of cyber-as-a-service software for managed service providers and an XDR platform and service.
- Cybersecurity services company BlueVoyant has acquired the U.K.-based cybersecurity consultancy Marclay Associates.
- Cyber Security Works, an Albuquerque, New Mexico-based provider of vulnerability management as a service and pen testing services, merged with the Chandler, Arizona cybersecurity consultancy firm Zuggand Inc. to create what it calls a "next-generation managed CloudSecOps company" that will retain the Cyber Security Works name.