Share this article on:
IBM is aiming to boost its cyber security toolkit by acquiring Randori, an offensive security start-up that combines attack surface management (ASM) with continuous automated red teaming (CART).
Based in Boston, US, Randori was founded in 2018 by a former Carbon Black executive and a former red team consultant. The company's service offering helps organisations identify external facing assets, both on-premise or in the cloud, which are visible to attackers.
To stay ahead of today's threats, according to Brian Hazzard, co-founder and CEO of Randori, knowledge of "what's exposed" and "how attackers view your environment" is key.
"We started Randori to ensure every organisation has access to the attacker's perspective.
"That's exactly what Randori provides," Hazzard said.
Randori Recon is designed to provide continuous assessment of an organisation's attack surfaces based on the attacker's perspective. By automating real-world attacks to identify where security programs break down, the attack platform provides clarity for security teams with insights into "hacker logic" which include understanding how malicious cyber actors plan, target and execute attacks.
As a result of the pandemic-fuelled shift to remote and hybrid working, Attack Surface Management (ASM) has become essential with the number of potential exposure points in hybrid cloud operating environments. According to ESG Data, 67 per cent of organisations saw their external attack surface expand over the past two years due to the use of cloud, third-party services and internet of things (IoT) devices. Over 69 per cent of organisations have been compromised ESG Data has revealed, via unknown, unmanaged, or poorly managed internet-facing assets.
After IBM's takeover of endpoint security platform ReaQTA, the move signals a major shift away from its legacy business to cloud software and AI-powered cyber security services. With its latest acquisition, IBM is reportedly set to integrate Randori's attack surface management software with the extended detection and response (XDR) capabilities of its IBM Security QRadar suite, which will enable security teams to leverage real-time attack surface visibility.
Randori's CART technology, which enables security teams to stress test defences, will give IBM's X-Force Red offensive security services team a boost; while Randori insights will be leveraged by IBM's Managed Security Services to help improve threat detection for thousands of clients.
"If we're going to turn the tables on attackers, we need to start acting like them with continuous automation of their latest techniques," Kevin Skapinetz, VP of strategy and business development at IBM Security, said.
In an interview with TechCrunch, Skapinetz said the "hacker-led approach to ASM" that Randori brings to the table is "truly unique", as it is designed to help companies view their exposures just like an attacker would.
"Randori brings us that ability while further enhancing the offensive security skills we bring to the table with our elite team of hackers at X-Force Red.
"Their prioritisation factors in not only the risk level of the vulnerability but also the attractiveness of an asset to potential attackers, based on real work attacks and popular targets and techniques that today's attackers are using," Skapinetz said.
While the financial terms of the deal have not been disclosed, according to Crunchbase data, Randori's valuation ranges between $50 million to $100 million.
The start-up has raised almost $30 million across two funding rounds, most recently a $20 million Series A investment led by Harmony Partners in April 2020.
IBM's fourth acquisition of 2022 is expected to close in the next few months, subject to regulatory approval.
[Related: Shadow cyber security minister named]