Microsoft has acquired RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service (SaaS) for organisations.
The acquisition will see RiskIQ’s threat intelligence services integrated into Microsoft’s existing flagship security offerings, with Bloomberg reporting that Microsoft will pay more than $500-million for the company.
RiskIQ’s systems survey the web and map out details about websites and networks, domain name records, certificates and other information, namely: WHOIS registration data, which shows customers what assets, devices and services can be accessed outside of a company’s firewall.
This helps companies and organisations lock down their assets and limit their attack surface from malicious actors, writes Tech Crunch. It is this data that RiskIQ collects that helped the company discover Magecart, a collection of threat groups that inject credit card stealing malware into vulnerable websites.
Microsoft says that by embedding RiskIQ’s tech into its core line of products, customers will be able to build a more comprehensive view of the global threats to their businesses as workforces continue to move away from traditional office environments.
“RiskIQ helps customers discover and assess the security of their entire enterprise attack surface — in the Microsoft cloud, AWS, other clouds, on-premises, and from their supply chain,” says Eric Doerr, VP of cloud security at Microsoft.
“With more than a decade of experience scanning and analyzing the internet, RiskIQ can help enterprises identify and remediate vulnerable assets before an attacker can capitalize on them.”
Cybercrime: Ever on the Rise
The announcement comes amid a heightened cybersecurity landscape, with high profile attacks becoming more common and organisations shift to remote and hybrid working strategies.
RiskIQ’s deal with Microsoft will also help organisations keep an eye on supply-chain risks, which is a growing priority for many. Last year, a highly-publicised attack on software provider SolarWinds affected at least 18,000 of its customers, and this month IT firm Kaseya fell victim to a massive-scale ransomware attack that saw its customers across 17 countries affected.
Microsoft’s move to acquire RiskIQ is surely the tech giant’s answer to the increased risk of cyber-attack, especially with more and more organisations adopting Microsoft’s Azure services en masse. A massive-scale attack on Microsoft that trickles down on its customers would be a financial and PR disaster for the company, and this acquisition could be a new step in mitigating this possibility.