Microsoft to acquire RiskIQ to strengthen its cybersecurity portfolio

Microsoft is acquiring San Francisco-based RiskIQ, a company that specialises in detecting security threats to help its customers address the risks created by remote work.

The acquisition comes at a time when ransomware exploits are causing serious threats for large and small operations. By adding RiskIQ to its portfolio of tools and services, Microsoft will have another offering for its customers to help protect their operations. The price for the acquisition was not disclosed but Bloomberg reported that it was north of $500m for the right to acquire the company.

RiskIQ was founded in 2009 and specialises in detecting external threats and helping its customers protect their data by “extending cybersecurity beyond the firewall” in their own terms. RiskIQ is a SaaS platform enabling customers leverage data to reduce attack surfaces for their operation.

RiskIQ, which was founded in 2009, has raised a total of $83m over four rounds of funding, including a $15m Series D round last June. It lists Box, the US Postal Service, BMW, Facebook, and American Express as customers.

RiskIQ CEO Elias Manousos said, “The vision and mission of RiskIQ is to provide unmatched internet visibility and insights to better protect and inform our customers and partners’ security programs. Our combined capabilities will enable best-in-class protection, investigations, and response against today’s threats.

“We are joining Microsoft to extend and accelerate our reach and impact and are more committed than ever to executing our mission. We’ll work closely with our customers as we integrate RiskIQ’s complementary data and solutions with Microsoft’s Security portfolio to enable best-in-class solution attack surface visibility, threat detection, and response.”

In the past seven months, platforms like Solarwinds and Kaseya become victims of sophisticated attacks. In addition, there were ransomware attacks on Colonial Pipelines, who agreed to pay $4m, and on meat suppliers JBS, who reportedly paid $11m. The Russia-linked REvil ransomware group has been wreaking havoc with ransomware and supply chain attacks.

Microsoft has also had its own cybersecurity challenges this year: Chinese-linked group Hafnium breached the company’s Exchange email service in March, potentially giving the group access to data from tens of thousands of organisations, including state and local governments, academic institutions, infectious disease researchers and businesses. It’s clear that the pervasive threats from malicious groups and nation-states are on the rise which is pushing Microsoft to offer more robust security solutions for its customers.

Microsoft cloud security VP Eric Doerr said, “Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.

“RiskIQ helps customers discover and assess the security of their entire enterprise attack surface – in the Microsoft cloud, AWS, other clouds, on-premises, and from their supply chain. With more than a decade of experience scanning and analysing the internet, RiskIQ can help enterprises identify and remediate vulnerable assets before an attacker can capitalise on them.”

The acquisition is one of many Microsoft has made recently in the cybersecurity space. Last month Microsoft acquired another security startup, ReFirm Labs, and a year ago it bought CyberX.

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.