Microsoft confirms it’s buying cybersecurity startup RiskIQ
Microsoft has confirmed it’s buying RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations.
Terms of the deal, which will see RiskIQ’s threat intelligence services integrated into Microsoft’s flagship security offerings, were not disclosed, although Bloomberg previously reported that Microsoft will pay more than $500 million in cash for the company. Microsoft declined to confirm the reported figure.
The announcement comes amid a heightened security landscape as organizations shift to remote and hybrid working strategies.
RiskIQ scours the web, mapping out details about websites and networks, domain name records, certificates and other information, like WHOIS registration data, providing customers visibility into what assets, devices and services can be accessed outside of a company’s firewall. That helps companies lock down their assets and limit their attack surface from malicious actors. It’s that data in large part that helped the company discover and understand Magecart, a collection of groups that inject credit card stealing malware into vulnerable websites.
Microsoft says that by embedding RiskIQ’s technologies into its core products, its customers will be able to build a more comprehensive view of the global threats to their businesses as workforces continue to work outside of the traditional office environment.
The deal will also help organizations keep an eye on supply-chain risks, Microsoft says. This is likely a growing priority for many: An attack on software provider SolarWinds last year affected at least 18,000 of its customers, and just this month IT vendor Kaseya fell victim to a ransomware attack that spread to more than 1,000 downstream businesses.
Eric Doerr, vice president of cloud security at Microsoft, said: “RiskIQ helps customers discover and assess the security of their entire enterprise attack surface —
Source: Tech Crunch