Microsoft to acquire RiskIQ to combat growing cyberthreats

Microsoft has agreed to purchase threat intelligence vendor RiskIQ to bolster its cloud security offerings and help customers address global cyberthreats.

Microsoft has agreed to acquire security intelligence vendor RiskIQ.

In a blog post Monday, Eric Doerr, vice president of cloud security at Microsoft, said the company entered into a definitive agreement with RiskIQ, though no further details of the terms have been revealed. Doerr said the acquisition, Microsoft's fifth this year so far, will add to the company's cloud offerings as organizations move toward more hybrid work environments with zero-trust security models and help customers build a more comprehensive view of the global threats to their businesses.

"With more than a decade of experience scanning and analyzing the internet, RiskIQ can help enterprises identify and remediate vulnerable assets before an attacker can capitalize on them," Doerr wrote in the blog.

Additionally, Doerr said RiskIQ offers global threat intelligence collected from across the internet, crowdsourced through its PassiveTotal LLC platform and community of security researchers.

RiskIQ helped scan for Microsoft Exchange vulnerabilities following the attack on the email server software in March, so this will not be the first time the companies have worked together. 

Chris Steffen, research director at Enterprise Management Associates, Inc., said RiskIQ is already a very large partner for Microsoft, so this is a natural acquisition for the software giant. Integrating the threat intelligence vendor will not be difficult as Microsoft already has a lot of RiskIQ integrations, including offerings for Microsoft Defender and Azure Sentinel, he said.

"I really think it will boost their Azure Security Services," Steffen said. "I know that they've made a number of other acquisitions lately in IoT and what have you. I think this is just the next logical step for them."

In June, Microsoft acquired ReFirm Labs to enhance IoT security. It made two purchases in April, first with Nuance Communications for $19.7 billion and then Kubernetes vendor Kinfolk for an undisclosed amount.

Dave Gruber, an analyst at Enterprise Security Group, a division of TechTarget, said the RiskIQ deal will aid in Microsoft's continued investment in strengthening its threat detection and analytics platform.

"Similar to Palo Alto's acquisition of Expanse, adding these capabilities strengthens the overall security platform by recognizing that you can't secure what you don't know about, including both unknown or vulnerable assets and global threats that can impact those assets," Gruber said in an email to SearchSecurity.

Over the past year, Microsoft has experienced high-profile attacks in addition to the Exchange email server attacks. Last month, the nation-state group behind the SolarWinds supply chain attack, which impacted the software giant last year, also compromised a Microsoft support agent's system. Microsoft said it removed access to the system and secured the device, but actors gained access to three Microsoft clients.

While Steffen thinks RiskIQ is a good purchase for Microsoft, he said it will be interesting to see how much Microsoft will allow the company to operate independently and pursue its own path.

Dig Deeper on Security operations and management

Enterprise Desktop
Cloud Computing