With this acquisition, Sophos is now the leading pure-play cybersecurity provider of Managed Detection and Response (MDR) services, supporting more than 28,000 organizations of all sizes worldwide. The combination will enable Sophos to deliver an unparalleled security operations platform, featuring hundreds of built-in integrations for adaptive protection, detection and response for mitigating cyberattacks. The open and scalable platform helps organizations, especially those with diverse IT estates, safeguard current and future technology investments, providing greater operational efficiencies and return on cybersecurity spend. Sophos X-Ops is also expanding its threat intelligence and security services capabilities by adding the Secureworks Counter Threat Unit and security operations and advisory teams.

As a channel-first cybersecurity provider, Sophos remains unwavering in its commitment to delivering cutting-edge security services and technologies that empower our global community of resellers, Managed Service Providers (MSPs) and Managed Security Services Providers (MSSPs). This includes expanding their reach, enhancing operational scalability and providing stronger defences to the countless organizations that need the ability to effectively defend against today’s constant and complex cyberattacks.

“The market is embracing MDR as a clear means to deliver positive cybersecurity outcomes, and this has meant rapid growth in the category,” said Joe Levy, CEO, Sophos. “Sophos is differentiated by our very mature competencies in ransomware detection, malware analysis and threat actor tradecraft. These defences are further augmented by Sophos’ native artificial intelligence (AI), first innovated by our globally peer-recogniwed AI team nearly a decade ago, and embedded in our MDR, endpoint, network, email, and cloud security to more effectively neutralize and stop threats. With the integration of Secureworks, our expanded services and product portfolio will provide even stronger end-to-end security solutions that will include identity threat detection and response (ITDR), next-gen SIEM and managed risk, all in a single open platform. We will also be able to further advance our AI, threat intelligence and attack research through more diverse and deeper global telemetry that is analyst-tuned for the real world. At every level, we are very excited about this next accelerated chapter for Sophos.”

In the near term, Sophos and Secureworks are operating business as usual, working with our respective channel partners, MSPs and MSSPs worldwide to distribute our existing security services and technology. Both companies’ sales and customer experience groups will operate to support existing customers, assist with renewals and develop current and new business opportunities. Sophos protects more than 600,000 customers worldwide with its portfolio of MDR, endpoint, network, email, and cloud security solutions that integrate and adapt to provide real-time defence through the Sophos Central platform.

Under the terms of the agreement, Sophos acquired Secureworks in an all-cash transaction valued at approximately $859 million. Secureworks shareholders, including Dell Technologies, will receive $8.50 per share in cash. This represents a 28% premium to the unaffected 90-day volume-weighted average price (VWAP). Kirkland & Ellis LLP acted as legal counsel to Sophos, Goldman Sachs & Co. LLC., Barclays, BofA Securities, HSBC Securities (USA) Inc., and UBS Investment Bank acted as financial advisors and provided debt financing for the transaction. Piper Sandler & Company and Morgan Stanley & Co. LLC acted as financial advisors to Secureworks, and Paul, Weiss, Rifkind, Wharton & Garrison LLP acted as legal counsel.

Founded in 2010, with over 170 employees worldwide, Cyberint is one of the fastest-growing External Risk Management companies in the market. Recognized as ‘Company of the Year’ in 2023 by Frost & Sullivan in the External Risk Mitigation & Management category. Organizations face critical security challenges every day, including stolen employee credentials, fake websites, and social media impersonation. To prevent these and other challenges from negatively impacting companies, Cyberint specializes in threat intelligence, digital risk protection, and attack surface management, serving a diverse global clientele, including Fortune 500 companies.

“Leaked credentials and fake websites designed for malicious purposes are staggeringly prevalent today, with over 90% of organizations facing these threats. This highlights the urgent need for real-time intelligence and proactive defence strategies, which our technology is able to mitigate in an effective way,” said Yochai Corem, CEO at Cyberint. “We are thrilled to join the Check Point team. Integrating our solutions into the Infinity Platform will enhance our ability to protect organizations. Together, we will offer a more comprehensive security SOC offering that covers both internal and external threats.”

“We are excited to welcome Cyberint to the Check Point organization. Their solution aligns perfectly with our vision of collaborative threat prevention and enhances our SOC capabilities,” stated Sharon Schusheim, Chief Services Officer at Check Point Software Technologies. “We will be able to turn identified risks into autonomous preventative actions and work collaboratively across Check Point and third-party security products to contain compromised assets and mitigate external exposures.”

Cyberint’s key capabilities include:

1. A Comprehensive External Risk Management Solution for SecOps Teams: Cyberint’s solution offers detection and takedown of impersonating website and social media accounts, as well as stolen credentials and leaked data associated with organizations. It also enables companies to detect vulnerable internet-facing websites and applications and prioritize and effectively mitigate these vulnerabilities.
2. Differentiated by Delivering Impactful and Actionable Intelligence: Cyberint delivers actionable intelligence within 20 minutes after setup, ensuring that security teams can respond to threats promptly.
3. Powered by AI and Enhanced by High-Quality Managed Services: Cyberint uses AI to deliver effective risk detection, mitigation, and contextualized alerts with minimal false positives. Managed services further strengthen this approach, offering expert guidance and ensuring comprehensive, high-quality management.

Closing of the transaction is subject to customary closing conditions and is expected to occur by the end of 2024.

“Welcoming Perimeter 81 into the Check Point family fortifies our position in the SASE market,” stated Gil Shwed, CEO at Check Point Software Technologies. “Their unique suite, which offers Zero-Trust Access, full mesh connectivity, and swift one-hour deployment, aligns perfectly with our vision of delivering the industry’s fastest, most secure SASE solution.”

Perimeter 81’s technology offers a unique suite of capabilities:

1. Fast and secure Internet access for remote users and branch offices
2. Cloud delivery with on-device network protection; avoiding latency, complexity and privacy concerns
3. Zero-Trust with full mesh connectivity among users, branches and applications
4. Simple and fast one-hour deployment
5. Intuitive administration that reduces day-to-day overhead

“Check Point Infinity, the industry’s only consolidated cybersecurity architecture, shields enterprises across networks, endpoints, cloud, and mobile devices. This robust system not only meets the challenges posed by expanding connectivity and security gaps but also ensures collaborative threat intelligence sharing. The incorporation of Perimeter 81 into Check Point Infinity will heighten security precautions from the initial development phase, pinpoint vulnerabilities, and guide the necessary rectifications,” the company said.

Complementing this move, Check Point’s recent acquisition of Atmosec, a company specializing in the rapid discovery and disconnection of malicious SaaS applications, stands as a testament to the company´s proactive stance to enhance its SaaS security offering and bridge security gaps in SaaS applications. The inclusion of both Perimeter 81 and Atmosec with Check Point Infinity’s architecture will deliver a complete SASE offering across internet access, Zero-Trust private access, SaaS security and SD-WAN. This positions Check Point to lead in delivering unparalleled security solutions tailored to intricate cloud environments.

Mandiant, which is known for delivering unparalleled frontline expertise and industry-leading threat intelligence, is a proven first responder to the world’s largest cybersecurity incidents. Mandiant’s services, delivered by their team of security and intelligence individuals spread across 22 countries, are widely recognized for helping top enterprises and organizations prepare for and react to cybersecurity incidents.

With this acquisition, Google Cloud and Mandiant will deliver an end-to-end security operations suite with even greater capabilities to support customers across their cloud and on-premise environments. “The completion of this acquisition will enable us to deliver a comprehensive and best-in-class cybersecurity solution,” said Thomas Kurian, CEO of Google Cloud. “We believe this acquisition creates incredible value for our customers and the security industry at large. Together, Google Cloud and Mandiant will help reinvent how organizations protect themselves, as well as detect and respond to threats.”

Organizations today are facing cybersecurity challenges that have accelerated in frequency, severity and diversity, creating a global security imperative. Enterprises need to be able to detect and respond to malicious actors quickly, with actionable threat intelligence to continually protect their organizations against new attacks.

“Mandiant is driven by a mission to make every organization secure from cyber threats and confident in their readiness,” said Kevin Mandia, CEO, Mandiant. “Combining our 18 years of threat intelligence and incident response experience with Google Cloud’s security expertise presents an incredible opportunity to deliver with the speed and scale that the security industry needs.”