UPDATED 16:32 EDT / JULY 22 2021

SECURITY

Sophos acquires network threat detection startup Braintrace

Sophos Group PLC today announced that it’s acquiring Braintrace Inc., a startup with technology for detecting malicious data traffic in companies’ on-premises networks and public cloud environments.

Sophos is a major cybersecurity provider that has been owned by private equity firm Thoma Bravo since a $3.9 billion acquisition in 2019. For enterprises, the U.K.-based company provides firewalls, malware detection software that runs on employee devices and related products.

For consumers, Sophos offers a freemium antivirus. The company’s products are used by more than 100 million individual end-users worldwide. 

Braintrace is a Salt Lake City-based cybersecurity startup. It offers two solutions: managed security services and software for detecting malicious network traffic. 

Braintrace’s managed services business assists companies with the day-to-day tasks involved in securing their systems, thus helping to free up resources for the in-house information technology team. The startup’s experts run the firewalls and other systems that client organizations rely on to fend off hackers, while also performing other tasks such as investigating breach alerts.

However, the main reason Sophos is buying Braintrace isn’t its services business but rather the network monitoring platform that the startup developed to support that business. The platform detects breaches by spotting malicious traffic that malware generates in companies’ environments.

Braintrace uses machine learning algorithms to identify traffic that is sent from inside the corporate network to an external destination, such as a malware command and control server operated by hackers. The startup’s algorithms can also detect malicious traffic that is traveling to another system in the corporate network rather than an external server. This helps detect attempts by hackers to use a compromised device to breach additional systems.

Sophos provides firewalls that similarly scan network traffic for threats. Those firewalls carry out the process by decrypting packets and inspecting their contents. Braintrace’s platform, in contrast, can analyze traffic even without decrypting it, a capability that Sophos says will complement its existing feature set.

“You can’t protect what you don’t know is there, and businesses of all sizes often miscalculate their assets and attack surface, both on-premises and in the cloud,” Sophos Chief Executive Officer Joe Levy said in a statement. “Attackers take advantage of this, often going after weakly protected assets as a means of initial access. Defenders benefit from an ‘air traffic control system’ that sees all network activity, reveals unknown and unprotected assets, and exposes evasive malware more reliably than Intrusion Protection Systems.”

Sophos plans to make Braintrace’s software available to its customers as a virtual machine so they may deploy it both on-premises and in the cloud. The offering is expected to launch sometime in the first half of 2022.

“The Braintrace technology will also serve as the launchpad to collect and forward third-party event data from firewalls, proxies, virtual private networks (VPNs), and other sources,” Levy detailed in a blog post. “These additional layers of visibility and event ingestion will significantly improve threat detection, threat hunting and response to suspicious activity.”

The Braintrace team, in turn, is joining Sophos’ Managed Threat Response and Rapid Response security services units as part of the deal. The financial terms of the acquisition were not disclosed. 
