Sophos drops $32m on SurfRight to enhance threat detection

Cybersecurity2Security vendor Sophos has bought Dutch cloud security vendor SurfRight, which specialises in endpoint threat detection and response (ETDR) and threat prevention, for $31.8 million.

Sophos said it will immediately integrate the SurfRight technology into its line of endpoint security systems and on completion will make the technology available via its global channel of 15,000 partners.

Sophos will continue development and support for SurfRight’s existing product line including its popular HitmanPro range of malware scanning and removal tools, which has 20 million users worldwide. Sophos will retain all SurfRight employees and the company’s office in Hengelo. SurfRight CEO Mark Loman will join the Sophos Enduser Security Group.

Hengelo-based SurfRight develops technology that detects and stops attacks by interrupting the malware and advanced persistent threat (APT) vectors. The software spots any dubious looking memory manipulations, which are often a hallmark of malicious code that might be running furtive activity. The ability to nip these exploits in the bud can fortify endpoint security mechanisms, by thwarting malicious code’s abuses of processor and memory resources. Surfright’s portfolio also includes anti-espionage and anti-ransom software to prevent the growing threat of malware software such as CryptoLocker.

The logic of the deal, for SurfRight, is a high-growth industry leader with a world channel and the support of specialized product development teams, according to SurfRight CEO Mark Loman. “We built this technology to address every vector of an APT attack in an auto-responding, coordinated manner,” he said.

Sophos’ security strategy uses multiple components of security protection, including network security and endpoint security that continuously communicate with each other. This, says Sophos, makes for faster threat detection and cuts the time and resources needed for investigating security incidents.

Interrupting and mitigating custom-made malware is becoming increasingly important as traditional antivirus and network-based intrusion detection systems cannot cope with the speed of threats generated in the modern cloud environment, according to Dan Schiappa, senior VP of Enduser Security at Sophos.