RiskIQ has acquired PassiveTotal adding its threat analysis platform to its portfolio of services. The newly released PassiveTotal Platform already uses the data collection services that RiskIQ can provide and together RiskIQ can now offer a platform that will allow organisations to have a greater visibility of what that data actually means.
The cyber intelligence market is slowly consolidating, either through acquisition such as this or through the sharing of data between vendors, such as the recent deal between IBM, Soltra and FS-ISAC. RiskIQ, consolidates data collected from enterprise assets with information gleaned from the internet to provide a comprehensive overview of threats to those enterprises.
This latest acquisition makes sense for RiskIQ as it will enable it to take a greater share of customer revenues and provide a more complete solution that it has before. Data provided by RiskIQ is sourced from more than 520 egress points in 40+ countries. It includes more than 9 million websites and more than 140 mobile app stores every day. RiskIQ now has a platform that can fully interpret that data and provide information for security analysts to react to.
Elias Manousos, CEO of RiskIQ commenting in the press release said: “The massively increasing size and scale of the Internet, continues to lower the bar for hackers to carry out successful attacks.
“Attackers simply have too many places to hide online. The combination of RiskIQ and PassiveTotal gives customers the ability to detect threats that exist in their digital footprints and map out the attack infrastructure of their adversaries, leaving the bad guys with nowhere to hide.”
PassiveTotal not standing still
Founded in June 2014 by Brandon Dixon and Stephen Ginty they have constantly evolved a platform designed by analysts, to be used by analysts. Alongside the acquisition announcement they also announced a new release of the PassiveTotal platform that changes the look and feel as well as adding some new datasets. The datasets included provide the ability to pivot using WHOIS and SSL certificates. It is also possible to see the passive DNS sources using RiskIQ data sources as well. The new dataset is also available via API and the free Maltego transform set.
This was the opportune time for RiskIQ to make this acquisition, as with more than 2,800 customers PassiveTotal will soon start accessing other data sets and come to the attention of other vendors. It will be interesting to see how independent PassiveTotal remain within the RiskIQ company but the comments from both sides indicate that this is as much a friendly merger as an acquisition. One option may have been to go the IBM X-Force route where they retain their independence but gain from the parent company reach.
Stephen Ginty, Co-Founder of PassiveTotal in a canned statement said: “We are committed to providing security analysts with the most comprehensive view into the adversary’s infrastructure. By bringing together critical data sources, we can now enable analysts to quickly and confidently assess incidents within their networks.
“RiskIQ was the right partner to help us take our technology to the next level, as its extensive data set and mission align perfectly with our values. It has the infrastructure, resources, and customer base to support our growing community of users and expand the use of our platform into the broader enterprise market. It was a natural fit.”
Brandon Dixon is probably more effusive in the blog post on the PassiveTotal site in saying: “Setting out to change the way threat infrastructure analysis was viewed and conducted by analysts has been a fulfilling and challenging process. Teaming up with RiskIQ felt like a natural next step in our adventure and we are excited for everyone to be part of it.”
