BOSTON — The publicly traded cybersecurity analytics and automation company Rapid7 has acquired IntSights Cyber Intelligence for its contextualized external threat intelligence and proactive threat remediation solutions.
Boston-based Rapid7 (Nasdaq: RPD) will pay about $335 million in cash and stock to acquire New York-based IntSights, according to the company last month.
Rapid7’s Insight Platform features a broad set of capabilities: detection and response; vulnerability management; cloud security; application security; and security orchestration and automation.
IntSights’ solutions help security operations teams with continuous coverage for external threats, from identification to mitigation and remediation.
The acquisition of IntSights will allow Rapid7 to combine its community-infused threat intelligence and understanding of customer environments with IntSights’ external threat intelligence capabilities.
The combination is intended to provide customers with a “unified view” into threats, attack surface monitoring, relevant insights, and proactive threat mitigation for organizations of any size or level of “security maturity.”
The deal will also enhance Rapid7’s cloud-native extended detection and response (XDR) offering, InsightIDR, by enabling high-quality, high-fidelity alerts for efficient security operations, earlier threat detection, and accelerated response times.
As more companies undergo digital transformations, Rapid7 believes the attack surface has “increased exponentially,” making it imperative for security teams to have early threat detection for both their internal and external environments.
Most security teams, however, are “under-resourced and overburdened, inundated with a deluge of data from their own environment, and struggling to identify what needs immediate action,” according to Rapid7.
“There’s no shortage of threat intelligence information available today, but much of it lacks context, creating too much alert noise and additional work for already overburdened security teams,” said Richard Perkett, SVP of detection and response at Rapid7.
Rapid7’s acquisition of IntSights is its fourth acquisition in the cybersecurity market in just over a year.
In April, Rapid7 acquired Velociraptor for an undisclosed amount. Velociraptor is an open-source technology and community for endpoint monitoring, digital forensics, and incident response.
In February, Rapid7 acquired Tel Aviv, Israel-based Alcide.IO for about $50 million. Alcide.IO is a provider of Kubernetes security.
In April of 2020, Rapid7 filed its intent to acquire Arlington, Virginia-based DivvyCloud for about $145 million. DivvyCloud is a provider of cloud security posture management (CSPM).
External threat intelligence market
IntSights is one of the featured providers in “The Forrester Wave” report on external threat intelligence services in Q1 2021, along with several others: CrowdStrike; Digital Shadows; FireEye; Flashpoint; Group-IB; IBM; Intel 471; Kaspersky; and more.
Typically, clients select “a cocktail” of external threat intelligence services to meet their needs rather than one provider, according to a blog post by Brian Kime, senior analyst, and Elsa Pikulik, researcher, at Forrester.
And while global decision makers were subscribing to 4.2 external threat intelligence services in 2018, the number grew 75% to 7.5 by 2020, Kime and Pikulik say. The shift shows the “growing enterprise demand to enhance existing cyber defenses.”
“With today’s sprawling attack surface and the sophistication level of threat actors, I can’t overstate the importance of a solid threat intelligence program,” said Jon Oltsik, senior principal analyst and fellow, Enterprise Strategy Group (ESG).
“Threats can come from anywhere, which is why having visibility into your internal and external threat landscape is imperative.”