Rapid7 Buys Threat Intelligence Startup IntSights For $335M
‘Sophisticated threat intelligence capabilities are typically only realistic for the most mature, well-resourced organizations. But IntSights is disrupting that,’ says Rapid7 Chairman and CEO Corey Thomas.
Rapid7 has purchased IntSights for $335 million to provide customers with a unified view into threats, attack surface monitoring, relevant insights, and proactive threat mitigation.
The Boston-based cybersecurity company said its acquisition of New York-based threat intelligence startup IntSights will enhance Rapid7’s extended detection and response (XDR) offering with alerts that ensure efficient security operations, earlier threat detection, and accelerated response times. The IntSights cash and stock deal is the largest acquisition in Rapid7’s 22-year history, surpassing its April 2020 purchase of DivvyCloud.
“By integrating IntSights’ external threat intelligence capabilities into Rapid7’s XDR solution, InsightIDR, we expect to provide security teams with expanded visibility and detections of internal and external threats across their traditional and modern environments,” Richard Perkett, Rapid7’s senior vice president of detection and response, said in a statement.
[Related: Rapid7 Buys Velociraptor To Attack Incident Response Market]
IntSights was founded in 2015, employs 216 people, and has raised $71.3 million in five rounds of outside funding, according to LinkedIn and Crunchbase. The company most recently closed a $30 million Series D round in November 2019 led by Qumra Capital.
“We founded IntSights to make threat intelligence instantly accessible and actionable for organizations of any type and size,” IntSights Co-Founder and CEO Guy Nizan said in a statement. “We are excited to join Rapid7 to continue this mission and to bring our threat intelligence capabilities to even more customers.”
IntSights allows organizations to gain the full benefits of a threat intelligence program – no matter its scope or sophistication – while also reducing the workload on security teams, according to Rapid7. Unlike many other threat intelligence tools in the market today, Rapid7 said IntSights provides continuous coverage for external threats from identification to mitigation to remediation.
IntSight’s technology will continue to be sold as a standalone threat intelligence offering and will be used to enhance Rapid7’s XDR offering. In addition, the company’s external threat intelligence capabilities will be brought to Rapid7’s platform to unlock faster threat identification and remediation across the company’s entire portfolio, according to Rapid7.
The company monitors the clear, deep, and dark webs to identify threats specifically targeting an organization’s digital footprint, including things like data and credential leakage, fraud, and malicious activity tied to their brand, said Rapid7 Chairman and CEO Corey Thomas (pictured). IntSights also goes beyond monitoring and acts by proactively remediating with automated takedowns of threats, Thomas said.
“Sophisticated threat intelligence capabilities are typically only realistic for the most mature, well-resourced organizations,” Thomas wrote in a blog post Monday. “But IntSights is disrupting that and democratizing threat intelligence so that every organization can protect itself, regardless of size and capabilities.”
From an XDR standpoint, IntSights will deliver improved signal-to-noise and higher-fidelity alerts to drive earlier threat detection and accelerated response, Perkett wrote in a blog post Monday. Combining IntSight’s external threat view with Rapid7’s knowledge of customers’ digital footprints and community-infused threat intelligence unlocks a comprehensive view of the customer’s attack surface, Perkett said.
Beyond XDR, Rapid7’s platform will leverage IntSights’ contextualized external threat intelligence to power and strengthen the company’s threat library, risk scoring, and vulnerability prioritization, said Chief Innovation Officer Lee Weiner. These enhancements should make it easier for customers take a proactive approach to addressing the security concerns of tomorrow, Weiner wrote in a blog post.
“Our customers are increasingly looking to understand more about adversary groups, tactics and techniques, and why they were targeted,” Weiner said. “Investing in more scalable ways to connect this internal [customer] profile to an external view of the world increases our ability to deliver timely, relevant, and actionable intelligence.”
This is Rapid7’s fourth acquisition since the start of 2020, coming less than three months after the company bought open-source technology Velociraptor to gain more expertise around endpoint monitoring, digital forensics, and incident response. In January 2021, Rapid7 purchased early-stage Kubernetes security vendor Alcide for $50 million to help facilitate the rapid deployment of applications.
Nine months before that, Rapid7 bought DivvyCloud for $145 million to help customers protect cloud and container environments from misconfigurations and policy violations. All told, Rapid7 has made 11 acquisitions since October 2009, according to Crunchbase.