News

Report: Microsoft Acquiring Security Firm for $100 Million

Update, 6/8: Microsoft has confirmed that it is acquiring Hexadite for an undisclosed amount. Hexadite's remediation technology will be added to Microsoft's Windows Defender Advanced Threat Protection service and the Hexadite team will become part of Microsoft's Windows and Devices Group. The original article follows.

Microsoft is in the midst of acquiring 3-year-old software security firm Hexadite for $100 million, according to reports.

The acquisition deal and price were mentioned in this Calcalist (Israel) press account, as cited in a Reuters story Wednesday. However, there was no confirmation from Microsoft, with a spokesperson saying only that "the company has nothing to share at this time."

Hexadite has its headquarters in Boston but its research and development facilities are located in Israel. The company makes a solution that automates the investigation and remediation aspects of addressing network breaches.

Hexadite was founded by three former members of an "elite intelligence unit of the Israel Defense Forces," according to the company's Web site. Its main product is the Hexadite Automated Incident Response Solution (AIRS), which was first launched in March of 2015.

AIRS works with other software security solutions to automatically apply remediation actions. Hexadite's partners include security solutions providers such as Carbon Black, Check Point, CrowdStrike, Cybereason, Cylance, Exabeam, Hewlett Packard Enterprise, Palo Alto Networks and Securonix.

Hexadite is described as a "security automation and orchestration" (SAO) provider in a Forrester Research report. The SAO market is described as a new space that started about three years ago, according to the report. Other vendors profiled in Forrester's SAO report include CyberSponse, Demisto, Phantom Cyber and Swimlane. The idea behind SAO solutions is that they can speed up investigation and remediation time following network security breaches.

One challenge for Hexadite is to get security and response professionals to accept that human investigators can be replaced by an automated process such as the AIRS product, according to Forrester's report. AIRS, described as "security middleware," is designed to model the actions of investigators.

Microsoft has its own post-breach analysis solution called the "Windows Defender Advanced Threat Protection" service. It uses machine learning to investigate network security breaches. It's primarily a forensics tool, but Microsoft had indicated back in December that remediation capabilities would be arriving in the Windows Defender Advanced Threat Protection service with the release of the Windows 10 Creators Update. The Windows 10 Creators Update was released last month as a "current branch" test release for organizations.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft-Mover Deal Aimed at Boosting Microsoft 365 Adoption

    Microsoft has announced its acquisition of Mover, maker of a platform that assists medium-to-large companies in moving their files to cloud-based services.

  • Azure AD Outage Linked to Multifactor Authentication Issues

    An Azure Active Directory outage that lasted for about 2.5 hours was caused by multifactor authentication challenges not working, according to Microsoft.

  • The 2019 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.

  • 2019 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss this year.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.