Security firm Sophos revealed that it has purchased Braintrace, a cybersecurity startup that provides network detection and response (NDR) technology.
Braintrace specifically offers services to bolster visibility into “suspicious” network traffic. The transaction is expected to expand Sophos’ Managed Threat Response (MTR), Rapid Response, Extended Detection and Response and Data Lake services by adding “novel” threat-intelligence features. Sophos will also incorporate Braintrace NDR tech to upgrade its own Adaptive Cybersecurity Ecosystem, which underpins Sophos’ complete portfolio. Braintrace’s assets will serve as a launchpad for collecting and forwarding third-party event data from firewalls, proxies, virtual private networks (VPNs) and other sources, to improve support for threat detection, hunting and response. This proprietary technology provides “deep” visibility into network traffic patterns, including encrypted traffic, without necessitating “man-in-the-middle” decryption.
Sophos plans to deploy the NDR technology as a virtual machine, fed from traditional observability points such as a Switched Port Analyzer port or a network Test Access Point to inspect traffic at networks and their boundaries. The NDR technology should debut in the first half of 2022.
The transaction also includes Braintrace developers, data scientists and security analysts, all of whom are joining Sophos’ MTR and Rapid Response teams.
Sophos has more than 5,000 active managed detection and response customers worldwide.