Next-generation cybersecurity solutions vendor Sophos has announced that it has acquired Braintrace, a deal that enhances its Adaptive Cybersecurity Ecosystem with Braintrace’s proprietary network detection and response (NDR) technology. Braintrace’s NDR provides deep visibility into network traffic patterns, including encrypted traffic, without the need for man-in-the-middle (MitM) decryption. US-based Braintrace launched in 2016 and is privately held.
As part of the acquisition, Braintrace’s developers, data scientists and security analysts have joined Sophos’ global managed threat response (MTR) and Rapid Response teams. Sophos’ MTR and Rapid Response services business has expanded rapidly, establishing Sophos as one of the largest and fastest-growing MDR providers in the world, with more than 5,000 active customers.
Braintrace’s NDR technology will support Sophos’ MTR and Rapid Response analysts and extended detection and response (XDR) customers through integration into the Adaptive Cybersecurity Ecosystem, which underpins all Sophos products and services.
According to Sophos, the Braintrace technology will also serve as the launchpad to collect and forward third-party event data from firewalls, proxies, virtual private networks (VPNs), and other sources. These additional layers of visibility and event ingestion will significantly improve threat detection, threat hunting and response to suspicious activity.
“You can’t protect what you don’t know is there, and businesses of all sizes often miscalculate their assets and attack surface, both on-premises and in the cloud. Attackers take advantage of this, often going after weakly protected assets as a means of initial access. Defenders benefit from an ‘air traffic control system’ that sees all network activity, reveals unknown and unprotected assets, and exposes evasive malware more reliably than Intrusion Protection Systems (IPS),” said Joe Levy, Chief Technology Officer, Sophos. “We’re particularly excited that Braintrace built this technology specifically to provide better security outcomes to their Managed Detection and Response (MDR) customers. It’s hard to beat the effectiveness of solutions built by teams of skilled practitioners and developers to solve real world cybersecurity problems.”
Sophos will deploy Braintrace’s NDR technology as a virtual machine, fed from traditional observability points such as a switched port analyser (SPAN) port or a network test access point (TAP) to inspect both north-south traffic at boundaries and east-west traffic within networks.