Cofense Buys Cyberfish To Proactively Block Email Attacks

Acquiring cybersecurity startup Cyberfish will allow Cofense to extend from its historic focus on enterprise and upper mid-market customers to the SMB and allow the company to accelerate its growth with MSPs.


Cofense has purchased cybersecurity startup Cyberfish to proactively block email-based attacks rather than just detecting and responding to what’s already gotten in.

The Leesburg, Va.-based anti-phishing vendor said its acquisition of Be’er Sheva, Israel-based Cyberfish will extend Cofense from its historic focus on enterprise and upper mid-market customers to the SMB and allow the company to tighten its bond with MSPs, CEO Rohyt Belani told CRN. Cyberfish’s cloud-native email protection can be installed directly to Office 365 or G Suite in just two minutes, Belani said.

“This is a big pivot for us,” Belani told CRN. “Cofense is open for business as far as MSPs and MSSPs are concerned.”

Sponsored post

[Related: The 20 Coolest SIEM, Risk And Threat Intelligence Companies Of 2020: The Security 100]

Cofense has up until now trained its customers to report suspicious emails, and Cofense has then used the intelligence from those reports to create products that stop phishing attacks in their tracks. But it’s become increasingly clear that customers want Cofense to apply its intelligence to prevent email-based attacks in the first place.

As a result, Belani said the company examined 11 different vendors with next-generation email security capabilities and ultimately decided to pursue Cyberfish thanks to its reasonable valuation and focus on the MSP market. Cyberfish makes managed services easy by supporting multi-tenancy out of the box at a reasonable price point and offering integrations with vendors like Datto, according to Belani.

Other potential acquisition targets in the email security space had an “inflated sense of self” and were demanding valuations at 100-times their annual revenue, while Cyberfish was “more reasonable,” said Belani, who declined to disclose the acquisition price. Cyberfish was founded in 2018 and employs 16 people, according to LinkedIn.

Cofense has historically focused its portfolio of phishing detection and awareness tools on customers with at least 3,000 users, and counts 300 of the Fortune 1000 among its customers, according to Belani. Conversely, Belani said Cyberfish has up until now been sold to customers with up to 5,000 employees, meaning that Cofense will spend the rest of the year fortifying Cyberfish to get it enterprise-ready.

The company started building out MSP and MSSP relationships over the past two weeks, and Belani said the Cyberfish acquisition will greatly accelerate those efforts by delivering both phishing simulation and email protection without operational friction. In the past two weeks alone, Belani said Cofense has had conversations with 11 MSPs who are interested in taking a look under the hood of Cofense’s offering.

With Cyberfish, Cofense can now ensure URLs in emails aren’t directing users to malicious files and verify that files are legitimate without any malware baked in at a fraction of what other pure-play email security vendors charge for protection. The filters on Cyberfish’s products are also set appropriately to ensure that Cofense’s phishing simulation emails reach user’s inboxes without any issues, Belani said.

Cofense and Cyberfish provide an additional layer of email protection, detection and response that complements what’s natively available through Microsoft without much overlap, Belani said. As a result, he said customers can combine Microsoft or Google with Cofense to address all their email security needs without having to spend nearly as much as what other third-party email security vendors charge.

“We’re turning extremely channel-friendly, especially when it comes to managed services folks,” Belani said.