IBM announces plans to acquire Randori to tackle attack surface risks

The acquisition adds automation and skills to IBM X-Force's offensive cybersecurity team, Big Blue said

IBM is set to expand its cybersecurity portfolio as it announced plans to acquire Randori in a bid to help further simplify threat detection and response.

The attack management software provider (ASM) helps clients identify external facing assets that are visible to attackers - and prioritise exposures which pose the greatest risk.

Big Blue says the acquisition will add automation and skills to IBM X-Force's offensive cybersecurity team while bringing in an attackers' point-of-view.

"(This) further advances IBM's Hybrid Cloud strategy and strengthens its portfolio of AI-powered cybersecurity products and services," IBM said.

Upon the close of the deal, IBM says it wants to integrate Randori's ASM software with the extended detection and response (XDR) capabilities of IBM Security QRadar.

By doing this, security teams will be able to leverage real-time attack surface visibility for intelligent alert triage, threat hunting, and incident response, according to the tech giant.

"Our clients today are faced with managing a complex technology landscape of accelerating cyberattacks targeted at applications running across a variety of hybrid cloud environments - from public clouds, private clouds and on-premises," said Mary O'Brien, general manager of IBM Security.

"In this environment, it is essential for organisations to arm themselves with attacker's perspective in order to help find their most critical blind spots and focus their efforts on areas that will minimise business disruption and damages to revenue and reputation."

IBM is making the move as investigations into recent data breaches show that despite increased investment, companies continue to struggle with managing their attack surface.

IBM says 67 per cent of organisations saw their external attack surface expand over the past two years due to the rising use of cloud, third-party services, the internet of things and cyber-physical systems.

A total of 69 per cent have also been compromised via unknown, unmanaged, or poorly managed internet-facing asset in the past year.

Randori would be IBM's fourth acquisition in 2022 as the company continues to bolster its hybrid cloud and AI skills and capabilities, including in cybersecurity.

Brian Hazzard, Co-Founder & CEO at Randori, said: "To stay ahead of today's threats, you need to know what's exposed and how attackers view your environment - that's exactly what Randori provides.

"By joining forces with IBM, we can greatly accelerate this vision and strategy - leveraging IBM's deep expertise in AI, threat intelligence, offensive security and global reach. Together, we can arm the industry with the attacker's perspective - helping to give every organization the visibility and insight needed to get in front of the next wave of attacks."