In an extension of a strategy aimed at weaving next-generation security technologies together with traditional protections to provide defense in depth, security vendor Sophos Ltd. has acquired Invincea Inc., a Fairfax, Va.-based maker of anti-virus software that relies on neural network algorithms rather than signatures to detect and block malware in real time.
Terms of the sale include $100 million in cash and an earn-out clause contingent upon unspecified conditions that’s potentially worth a further $20 million.
The purchase adds machine learning-based malware protections to next-generation technologies from Sophos that already include tools for detecting malicious HTTP traffic and performing reputation checks on files and applications before users download them.
“Sophos believes that machine-learning techniques are as critical a component as exploit-based detection to a comprehensive defense against today’s sophisticated threats,” said Dan Schiappa, senior vice president and general manager of the Enduser and Network Security Groups at Sophos, in emailed responses to queries from ChannelPro. “Invincea’s technology and data science expertise solidifies Sophos’ position as a leader in next-gen security.”
Sophos plans to combine Invincea’s software with new, internally developed technology in a forthcoming end point security solution scheduled to reach market by the end of this year.
That offering, like other products in the growing Sophos solution portfolio, will integrate with the Sophos Central administration portal that the vendor introduced last April, as well as the company’s Sophos Heartbeat security synchronization technology, which enables stand-alone security solutions to share information and coordinate protection.
In this case, Heartbeat functionality will enable the new Invincea-equipped end point protection solution currently being developed to notify the company’s XG Firewall and SafeGuard Encyption products automatically any time it identifies new malware, so those systems can immediately isolate the targeted end point and protect its data.
That new solution will eventually be available to members of the MSP partner program Sophos launched last May at subscription-based prices, Schiappa suggested.
The Sophos end point security product lineup already contains a signature-less offering introduced last September named Intercept X that has components for blocking ransomware and advanced exploits, performing root cause analyses of successful attacks, and eliminating spyware and other forms of deeply embedded malware. Invincea’s solution, which is especially proficient at predictively identifying malware in portable executable files like .DLLs and .EXEs, adds another weapon to that existing arsenal of safeguards.
According to Schiappa, Sophos doesn’t view conventional, signature-based security products and next-generation solutions like Invincea’s and Intercept X as an either-or proposition, believing instead that the best defense against today’s continually evolving threats capitalizes on the strengths of both approaches. Trend Micro Inc., of Irving, Texas, unveiled a strategy founded on similar convictions last October.
The Sophos product family has grown rapidly in the last year. Other newcomers besides Intercept X and a new “always-on” edition of SafeGuard Encyption released in July include a cloud-based email security solution shipped in August an anti-phishing education tool launched just under two weeks ago.
Sophos plans to place former Invincea CEO Anup Ghosh and COO Norm Laudermilch in new leadership roles. Invincea Labs LLC, a separately managed division of Invincea with headquarters in Arlington, Va., was not included in today’s transaction and will operate as an independent business.
Word of the Invincea acquisition arrived on the same day Sophos disclosed financial results for the third quarter of its 2017 fiscal year, which included 16.1 billings growth. The company also reported that in its first full quarter as part of the Sophos product roster, Intercept X picked up over 3,300 customers, contributing to a more than 20 percent increase in billings for end user security products.