Amazon Web Services Buys Threat Hunting Startup Sqrrl


Amazon Web Services has given its new threat detection service a shot in the arm by purchasing cybersecurity software company Sqrrl.

Cambridge, Mass.-based Sqrrl's advanced threat hunting capabilities are expected to align well with Amazon GuardDuty, an intelligent threat detection service Amazon launched in November focused on protecting AWS accounts and workloads.

"We will be joining the Amazon Web Services family, and we're looking forward to working together on customer offerings for the future," Mark Terenzoni, Sqrrl's CEO, said in a statement posted to the company's website. "Over time, we'll work with AWS to do even more on your behalf."

AWS and Sqrrl didn't immediately respond to requests for additional comment. Terms of the deal were not disclosed, though Axios reported in December that the purchase price was expected to be just over $40 million. Amazon's stock is up $6.06 (0.44%) to $1,368.60 per share in pre-market trading Wednesday.

Beefing up Amazon's security portfolio should help solution providers overcome one of the most common objections to public cloud migration, according to Michael Lomonaco, director of marketing and communications at Grand Rapids, Mich.-based Open Systems Technologies, No. 136 on the 2017 CRN Solution Provider 500.

"AWS certainly continues to make interesting and smart strategic acquisitions to beef up their security portfolio," Lomonaco told CRN. "We collectively as an industry must get better at fending off the bad guys."

The Sqrrl acquisition should also boost OST's connected products practice, Lomonaco said. OST is constantly evaluating options within its vendor partner network to figure out how it can further strengthen security for its customers and itself, he said.

"When you put millions of connected devices in the hands of consumers, security is at the forefront," Lomonaco said. "It is certainly part of every connected product and IoT conversation that we have."

Sqrrl was founded in 2012 by ex-NSA employees, and currently employs 55 people. The company has raised $26.5 million in four rounds of funding, according to Crunchbase, capped off by a $12.3 million Series C round in June led by Spring Lake Equity Partners.

The company analyzes big data to hunt cyberthreats, helping companies identify and address them faster. Sqrrl utilizes linked data, machine learning, user and entity behavior analytics, risk scoring, and big data technologies to uncover malicious patterns and anomalies hidden within security data sets, according to the company.

Amazon GuardDuty, meanwhile, uses both AWS-developed threat intelligence and industry-leading third-party sources to identify events that fall outside the normal patterns of activity. Customers using GuardDuty from the get-go include GE, Netflix, Autodesk, Twilio, Webroot and Mapbox, Amazon said.

Sqrrl works with an array of distributors, VARs, consultants, systems integrators and MSSPs to get its offering into the hands of more end customers. Sqrrl gives its VAR, consulting and systems integrator partners marketing and technical training, with the company providing necessary technical support for end users.

MSSPs, meanwhile, offer Sqrrl's threat hunting and incident investigation as a managed service hosted either in the MSSP's or end user's ecosystem, according to the company's website. The company said it provides its MSSPs with the technical and sales training needed to effectively market and deliver Sqrrl.

Consulting giant Deloitte, No. 15 on the 2017 CRN Solution Provider 500, said in November that it would be leveraging Sqrrl's threat hunting platform in Europe, the Middle East and Africa to identify compromises and threat actors in its customers' IT environments as part of an as-a-service offering.

Sqrrl also tightly integrates its product with those of its OEM technology partners, which include Amazon, Carbon Black, Dell, Hewlett Packard Enterprise, IBM, and Splunk. These integrated offerings allow OEMs to bolster their threat hunting, incident investigation and user and entity behavior analytics capabilities, according to Sqrrl.