Microsoft to Acquire RiskIQ – BankInfoSecurity

(Watch for updates on this developing story.)

See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy

Microsoft announced Monday a definitive agreement to buy RiskIQ, an attack surface management and threat intelligence firm.

Although the two companies are not discussing financial details, BNN Bloomberg is citing sources who put the price tag at $500 million in cash.

Microsoft tells Information Security Media Group it’s not yet disclosing when the deal is expected to close.

RiskIQ’s Capabilities

“The combination of RiskIQ’s attack surface management and threat intelligence empowers security teams to assemble, graph and identify connections between their digital attack surface and attacker infrastructure and activities to help provide increased protection and faster response,” says Eric Doerr, Microsoft’s vice president of cloud security.

San Francisco-based RiskIQ, which was founded in 2009, has between 100 and 250 employees, according to the tracking site Crunchbase.

Once the deal is closed, RiskIQ employees will be joining Microsoft’s cloud and AI division, Microsoft says.

Commenting on the deal, RiskIQ co-founder and CEO Elias Manousos says that adding RiskIQ’s attack surface and threat intelligence solutions to the Microsoft security portfolio will “enable best-in-class protection, investigations and response against today’s threats.”

Microsoft Acquires ReFirm Labs

In June, Microsoft announced the purchase of the firmware analysis company ReFirm Labs. The financial details of that deal were not disclosed.

ReFirm Labs’ technology focuses on scanning firmware for security issues, an important step as more devices flood the market and expand the available attack surface, Microsoft says.

Other Acquisition Activity

In other recent merger and acquisition activity:

• ZeroFox has acquired darknet threat intelligence company Vigilante.
• Barracuda entered into a definitive agreement to acquire Melville, N.Y.-based SKOUT Cybersecurity, a developer of cyber-as-a-service software for managed service providers and an XDR platform and service.
• Cybersecurity services company BlueVoyant has acquired the U.K.-based cybersecurity consultancy Marclay Associates.
• Cyber Security Works, an Albuquerque, N.M.-based provider of vulnerability management as a service and pen testing services, merged with the Chandler, Ariz. cybersecurity consultancy firm Zuggand Inc. to create what it calls a “next-generation managed cloudsecops company” that will retain the Cyber Security Works name.