Darktrace bolsters ‘proactive’ attack prevention smarts with Cybersprint acquisition

AI-powered cybersecurity company Darktrace has revealed plans to acquire Cybersprint, an attack surface management platform that enables users to automatically discover all the assets in their attack surface to find and monitor risks.

The $53.7 million deal, which constitutes a mix of cash (75%) and equity (25%), represents Darktrace’s first acquisition in its nine-year history.

With cyberattacks on the rise, AI and automation are key weapons in companies defensive arsenal — partly because it helps plug the cybersecurity skills gap, but also because many attacks themselves are automated, making it difficult for mere mortals alone to keep on top of things.

Founded out of Cambridge, U.K., in 2013, Darktrace is known for its real-time threat detection smarts, which leans on machine learning techniques to adapt and improve over time — it’s pitched as a “digital immune system” that can counter ransomware, phishing, and threats to cloud environments and other critical enterprise infrastructure.

Cybersprint, which was founded out of The Hague, The Netherlands, in 2015, has amassed an impressive roster of customers including Dutch multinational banking giant ING.

For Darktrace, the core appeal in bringing Cybersprint under its wing can be split into three core areas.

Technology, people, and data

On the technology front, Max Heinemeyer, Darktrace’s director of threat hunting, said that Cybersprint had to meet three main technical and architectural requirements, including the ability to deliver a “bespoke perspective” of each customer’s attack surface without having access sensitive customer data, or forcing customers to go through lengthy installations and integrations. It also had to be built around automation and integrations.

Moreover, the technology had to enable real-time and continuous data analysis.

“This is critically important for Darktrace’s continuous cyber AI loop,” Heinemeyer noted in a blog post. “We always operate on real-time data that is continuously updated as things change — so does Cybersprint.”

On the people front, Cybersprint will also go some way toward helping Darktrace tackle the perennial skills shortage.

“Their world-class teams of researchers, ethical hackers and developers are a great addition to our own R&D capabilities in Cambridge, who have a heavy focus on AI,” Heinemeyer said.

In terms of data, well, Cybersprint will bring “unparalleled access to attack surface data,” according to Heinemeyer, who refers to this as “basically, an up-to-date, continuous copy of the internet.”

Digging a little deeper into the details of today’s news, it’s clear that Darktrace is looking to bolster its existing detection and response capabilities with a more proactive, preventative approach, a strategy the company has previously confirmed it would be embracing.

Indeed, while Darktrace already promises visibility into its customers’ internal data, spanning their email and SaaS environments, IoT, networks, and so on — Cybersprint brings more external data and telemetry signals to the mix.

“Our attack path modeling is currently producing powerful results based on an organization’s internal data only — but by adding Cybersprint’s attack surface data and external asset information, we will have complete visibility, internal and external, and bespoke to each individual organization,” Heinemeyer explained.

Darktrace said that it expects to close the acquisition by March 1, 2022.