Sophos acquires Braintrace to supercharge its threat detection capabilities

Thoma Bravo-owned Sophos has announced it’s acquiring Braintrace, a cybersecurity startup that provides organizations visibility into suspicious network traffic patterns. Terms of the deal were not disclosed.

Braintrace, which was founded in 2016 and has raised $10 million in funding, has developed a network detection and response (NDR) solution that helps organizations to easily inspect network traffic to identify and filter out suspicious activity. It does this using remote network packet capture (RNCAP) technology, which provides visibility into network traffic patterns, including encrypted traffic, without the need for man-in-the-middle decryption. It also provides visibility into cloud network traffic, a task that typically needs to be carried out on-site, and supports all of the major cloud providers including AWS and Microsoft Azure.

The deal will see Sophos integrate Braintrace’s NDR technology into its own adaptive cybersecurity ecosystem, which underpins all of its security products and services. The technology will also help Sophos collect data from firewalls, proxies and VPNs, allowing it to look for network traffic that contains instructions for malware like TrickBot, and attackers that misuse Cobalt Strike, as well as pre-empting other malicious traffic that might lead to ransomware attacks.

Braintrace’s developers, data scientists and security analysts have joined Sophos’ global managed threat response (MTR) and rapid response teams as part of the deal.

Commenting on the deal, which Sophos claims will make it one of the largest and fastest-growing managed detection and response (MDR) providers, the company’s CEO Joe Levy said: “We’re excited that Braintrace built this technology specifically to provide better security outcomes to their MDR customers. It’s hard to beat the effectiveness of solutions built by teams of skilled practitioners and developers to solve real-world cybersecurity problems.”

Bret Laughlin, co-founder and CEO of Braintrace, added: “We built Braintrace’s NDR technology from the ground up for detection and now, with Sophos, it will fit into a complete system to provide cross-product detection and response across a multi-vendor ecosystem.”

The deal comes a little over a year after Thoma Bravo completed its $3.9 billion takeover of Sophos, and sees the private equity firm further increasing its reach in the cybersecurity space. It acquired security vendor Proofpoint for $12.3 billion back in April, and recently led a $225 million funding round in zero trust unicorn Illumio.