Microsoft Acquires RiskIQ: Expanding Cybersecurity Capabilities

Microsoft Acquires RiskIQ to Enhance Cybersecurity Capabilities

Microsoft has officially announced the acquisition of RiskIQ, a San Francisco-based firm specializing in cybersecurity. RiskIQ delivers threat intelligence and Software as a Service (SaaS) solutions to organizations globally.

The financial details of this transaction remain confidential. However, previous reports from Bloomberg indicated that Microsoft’s investment exceeds $500 million in cash. Microsoft has not yet confirmed this specific figure.

Growing Need for Robust Security

This acquisition is occurring during a period of increased cybersecurity concerns. The shift towards remote and hybrid work models has expanded the potential attack surface for many organizations.

RiskIQ’s core function involves comprehensive web scanning. It maps details concerning websites, networks, domain name records, and certificate information. This includes WHOIS registration data, offering clients a clear understanding of externally accessible assets, devices, and services.

This visibility allows companies to strengthen their security posture and minimize vulnerabilities to malicious activity. Notably, RiskIQ played a key role in identifying and analyzing Magecart, a group responsible for injecting credit card-stealing malware into compromised websites.

Integration with Microsoft Security Offerings

Microsoft intends to integrate RiskIQ’s technologies directly into its existing security products. This integration will provide customers with a more holistic view of potential threats targeting their businesses, particularly as remote work becomes increasingly prevalent.

Furthermore, the acquisition will bolster organizations’ ability to manage and mitigate supply-chain risks. Recent high-profile attacks, such as the SolarWinds breach affecting over 18,000 customers and the Kaseya ransomware incident impacting more than 1,000 businesses, highlight the critical importance of supply chain security.

Microsoft's Perspective

Eric Doerr, Vice President of Cloud Security at Microsoft, stated: “RiskIQ empowers customers to discover and evaluate the security of their complete enterprise attack surface – encompassing the Microsoft cloud, AWS, other cloud environments, on-premises infrastructure, and their entire supply chain.”

He continued, “With over a decade dedicated to internet scanning and analysis, RiskIQ enables enterprises to pinpoint and address vulnerable assets before attackers can exploit them.”

RiskIQ's History and Future

Founded in 2009, RiskIQ has secured $83 million in funding across four investment rounds. Elias Manousos, co-founder and CEO of RiskIQ, expressed his enthusiasm regarding the acquisition.

“RiskIQ’s core mission is to deliver unparalleled internet visibility and actionable insights, enhancing the security programs of our customers and partners,” Manousos explained. “Combining our capabilities will facilitate superior protection, investigation, and response to contemporary threats.”

Expanding Microsoft’s Cybersecurity Portfolio

This acquisition represents one of several recent investments Microsoft has made in the cybersecurity sector. Last year, the company acquired CyberX to strengthen its Azure IoT security offerings.

More recently, Microsoft also acquired ReFirm Labs, a firm specializing in Internet of Things (IoT) security. These strategic acquisitions demonstrate Microsoft’s commitment to providing comprehensive cybersecurity solutions.

Source: TechCrunch