Darktrace To Buy Attack Insights Vendor Cybersprint For $53.7M

‘The data set and the technology and the technical requirements that we had mapped so incredibly well with Cybersprint that it made much more sense to accelerate our time to market and actually acquire them,’ says Darktrace’s Nicole Eagan.

ARTICLE TITLE HERE

Darktrace has agreed to purchase attack surface management vendor Cybersprint for $53.7 million to give customers insights that help eliminate blind spots and detect risks.

The Cambridge, England-based cybersecurity AI vendor said The Hague, Netherlands-based Cybersprint can enrich existing Darktrace products with external vulnerability data and accelerate Darktrace’s entry into new areas like proactive AI cybersecurity. Cybersprint’s capability will be introduced as a new module in the company’s Prevent product family, feeding organization-specific web data to Darktrace.

“The data set and the technology and the technical requirements that we had mapped so incredibly well with Cybersprint that it made much more sense to accelerate our time to market and actually acquire them rather than trying to build it ourselves,” Nicole Eagan, Darktrace’s chief AI strategy officer, told CRN. “This just was an obvious and a natural fit.”

id
unit-1659132512259
type
Sponsored post

[Related: Cybersecurity Vendor Darktrace Eyes IPO Amid Surging Sales]

Darktrace has invested heavily in applying AI to proactive areas of cybersecurity, and the company’s self-learning AI has modeled the typical behavior of every user and device to understand a business from the inside out, she said. Cybersprint excels at providing an outside in view that aligns with what adversaries sees and is specific to a target, company, or organization, according to Eagan.

Cybersprint will initially be a module in Darktrace’s Prevent suite in summer 2022, and Eagan anticipates their technology will also be used to address use cases around supply chain security, M&A transactions, and brand reputation. Cybersprint’s strength in external reconnaissance will complement Darktrace’s expertise around identifying key assets or crown jewels within an organization, according to Eagan.

Neither agents nor hardware need to be deployed with Cybersprint, which will make it easy for channel partners to allow their customers to trial the product. Partners can leverage Cybersprint’s attack surface management and Darktrace’s attack path modeling to provide continuous pen testing and red teaming services to customers on a subscription basis rather than as a once or twice-a-year project, Eagan said.

“This isn’t something that you run an analysis on once or twice a year and give it to your IT team to do a bunch of patching,” Eagan said. “This is something that continuously runs in the background because these environments are so dynamic and the attackers are always innovating.”

Darktrace will pay for Cybersprint using 75 percent cash and 25 percent, and the $53.7 million purchase price values Cybersprint at approximately 12.5 times the company’s annual recurring revenue. The deal is expected to close around March 1, and Cybersprint’s operations aren’t expected to be material to Darktrace’s results for the remainder of the company’s 2022 fiscal year.

Cybersprint was founded in 2015, has raised $3 million in two rounds of outside funding, according to LinkedIn and Crunchbase. The company most recently closed a $2.3 million Series A funding round in November 2018 led by Vortex Capital Partners.

Darktrace’s stock is up $12.47 (3.2 percent) to $402.12 per share in London trading Wednesday afternoon. Cybersprint employs between 40 and 50 people, and Eagan said most of them are expected to join Darktrace, with company founder and CEO Pieter Jansen continuing to lead the Cybersprint team.

“When we began conversations with Darktrace, we felt an instant connection on vision, culture, and technology,” Jansen said in a statement. “That’s why we are looking forward to joining Darktrace and working together to accelerate state-of-the-art innovations to make organizations more cyber secure.”

Through the acquisition, Darktrace will gain an additional European research and development center based in The Netherlands that will complement Darktrace’s mathematicians and software engineers based in England. Darktrace said Cybersprint’s employees bring a deep understanding of how to continuously model real-time internet data as well as ethical hacking expertise.

Cybersprint met with Darktrace while fundraising for its Series B round in the fourth quarter of 2021 and discovered a joint path that exceeded the goals of Cybersprint’s Series B funding plans, Jansen wrote in a blog post. Over the past 12 months, he said Cybersprint has been approached with acquisition offers from cybersecurity companies who feared missing out on the attack surface management market.

“At Darktrace, they already have complete visibility over the internal data of their customers – their customer’s email environment, SaaS data, operational technology, IoT, network, zero-trust and other coverage areas,” Jansen wrote. “But being able to combine those data sets and deriving insights from them will further drive breakthrough innovations.”

Cybersprint is a fantastic fit for Darktrace because of its technology, people, and data, according to Max Heinemeyer, Darktrace’s director of threat hunting. The company’s technology meets Darktrace’s architectural needs since it is unique to each customer, provides real-time and continuous data analysis, and has automation and integration built in, Heinemeyer wrote in a blog post.

The company’s world-class teams of researchers, ethnical hackers and developers are a great addition to Darktrace’s own research and development efforts, which have a heavy focus on AI, Heinemeyer said. And Cybersprint has access to and is able to intelligently analyze an up-to-date, continuous copy of the internet with its attack surface data, according to Heinemeyer.

“Our Attack Path Modeling is currently producing powerful results based on an organization’s internal data only – but by adding Cybersprint’s attack surface data and external asset information, we will have complete visibility, internal and external, and bespoke to each individual organization,” Heinemeyer wrote.