Huntress Labs has acquired intellectual property and associated patents from Level Effect, the maker of an endpoint detection and response solution designed to spot advanced threats through deep network traffic analysis.
Building Level Effect’s Recon solution into the existing Huntress security suite will expand the platform’s EDR capabilities to include awareness of malicious network sessions, payload downloads, and other non-persistent threats, according to Huntress CEO Kyle Hanslovan.
“We were already looking at the endpoint,” he says. “We didn’t have any of that network component, or cloud.”
More specifically, Level Effect’s technology will add the domain names and IP addresses attackers are using to convey instructions to their malware to the store of threat information Huntress already collects, according to Greg Ake, Level Effect’s CEO.
“That data being coupled with what we’re bringing in with our network telemetry is going to have immediate wins for customers to be able to very quickly say, ‘here’s the malicious command and control infrastructure talking to your network,'” he notes.
“It’s literally going to give us twice the amount of insight into what we’re doing,” Hanslovan says. “To our partners, it’s going to be like flipping a light on.”
Huntress plans to incorporate Recon into its existing set of services rather than sell it as a separate product. Hanslovan expects partners to begin seeing the effects of integration work underway now in the third or fourth quarter of the year.
Partners will receive those increased capabilities at no additional cost, according to Hanslovan, who says he has no plans to raise prices “anytime soon at all.”
Last year, in conjunction with the addition of ransomware detection and external reconnaissance services to its original “persistent foothold” detection offering, Huntress announced plans to continuously expand its platform in response to changing threat trends without raising rates.
Level Effect was founded in 2017 by Ake and Robert Noeth, the company’s CTO. Both are former offensive cybersecurity operatives from the National Security Agency, like Hanslovan himself, and will serve in new roles at Huntress.
The Level Effect development team will come over to Huntress as well. The company’s training services division was not part of the transaction and will continue to do business independently under the Level Effect name.
Like many security vendors, Huntress benefited from the increased threat activity triggered last year by the coronavirus pandemic and the associated move to work-from-home computing. The company now has some 1,700 partners, 700 of which signed on in 2020. Revenue will be up slightly less than 100% on a year-over-year basis by the close of this month.
That growth, along with the $18 million Series A funding round Huntress announced last February, made the Level Effect purchase possible. Huntress plans to invest in additional capabilities, through in-house R&D and further acquisitions, in the future.
“There is no doubt that Huntress is on its way to growing a security automation platform,” Hanslovan says. “You could imagine this is the first of many things that we will continue to either build or buy.”
ForgePoint Capital, which led last year’s venture capital round, owns a minority stake in Huntress. According to Hanslovan, the company has no plans to cede majority control to a private equity firm or to accept an acquisition offer from a larger security or managed services vendor.
“We’re aiming towards an IPO,” he says, estimating that it will be at least four years before it’s ready for that step.
Huntress disclosed the forthcoming introduction of a managed version of Microsoft’s Windows Defender antivirus solution last June. Currently in a private beta, that product is scheduled to reach market soon.