Vendor plans channel-driven MDR services combining Rook, DarkBytes technologies
Security vendor Sophos this week said it would acquire Rook Security, a threat hunting and incident response firm based in Indianapolis.
The Lowdown: Sophos officials said they plan to combine Rook’s threat detection, investigation, and response capabilities with the technology platform the vendor acquired in January from DarkBytes to create resellable managed detection and response (MDR) services. Those services will be brought to market exclusively by Sophos’ 47,000 channel partners worldwide, the company said.
The Details: Terms of the deal were not disclosed.
Sophos also plans to align its security technology and product portfolio with Rook’s 24/7 services for MDR customers. As part of the new MDR service offerings, Rook’s domain experts will review the security posture of MDR clients to ensure optimal configuration of Sophos products based on policy and threat model, officials said.
The Buzz: “Cybercriminals are relentlessly trying to exploit organizations with techniques ranging from tried-and-true phishing e-mails to the more recent trend of ‘hacker pen-testing’ to find weaknesses in their surface area. As a result, businesses need 24/7 monitoring and management of what is happening on their network, yet many of them do not have the expertise, can’t keep up, or don’t have the security teams in-house to optimally configure and manage security around-the-clock,” said Joe Levy, CTO at Sophos. “With MDR, Sophos’ channel partners will be able to provide businesses of all sizes with expert services that continuously detect, hunt for, and respond to security incidents.”
“Rook Security provides managed detection and response services to detect and eliminate cyberthreats. Through threat hunting and data analytics, Rook Security’s experts rapidly detect and mitigate active attacks,” said J.J. Thompson, founder and CEO of Rook Security. “We are excited to bring our experts and service delivery innovation to Sophos, a global leader in next-generation cybersecurity. Together, we can implement faster, more effective threat detection and response capabilities to better protect businesses.”