The acquisition, which is the third by Sophos in the last month, is designed to add security orchestration and automation response (SOAR) capabilities to the company’s Managed Threat Response and Extended Detection and Response (XDR) solutions at a time when organizations are rapidly embracing “IT-as-code” approaches to system management. Terms of the transaction were not disclosed.
“As we’ve seen in recent supply-chain incidents, attackers are increasingly targeting software development pipelines, and defenders need the ability to shift further left of attackers. The industry needs SOAR to mature into more capable and generalizable DevSecOps solutions, and Sophos’ acquisition of Refactr will help us lead the way,” said Sophos CTO Joe Levy in a media statement. "With Refactr, Sophos will fast track the integration of such advanced SOAR capabilities into our Adaptive Cybersecurity Ecosystem, the basis for our XDR product and MTR service. We will provide a full spectrum of automated playbooks for our customers and partners, from drag-and-drop to fully programmable, along with broad integrations with third-party solutions through our technology alliances program to work with today’s diverse IT environments.”
Sophos plans to begin rolling out SOAR services based on Refactr technology by early 2022.
Refactr has been a specialist in orchestration, automation, and integration since its founding in 2017. Its original solution was designed to help organizations with limited experience stand up, configure, and manage complete public cloud environments. It expanded that system into a DevSecOps platform two years later. ConnectWise awarded the company, whose clients include the Center for Internet Security and the U.S. Air Force., the $100,000 first prize in its inaugural PitchIT competition for startups in 2018.
“We created the Refactr platform so that every organization can deliver effective DevSecOps through holistic security-first automation. Our platform was purpose-built to be versatile, interoperable and easy to use. Cybersecurity teams can now collaborate with DevOps to easily build complicated IT automation and security integrations through DevSecOps pipelines,” said Michael Fraser, Refactr’s CEO and co-founder, in prepared remarks. “Our mission is to enable DevSecOps to become the modern approach to automation, where cybersecurity use cases like SOAR, XDR, compliance, cloud security, and Identity and Access Management (IAM) become building blocks for DevSecOps solutions.”
Fraser and his development team will remain with Refactr under its new ownership, and will continue enhancing and supporting the company’s platform for existing and new clients.
Last month, Sophos announced the acquisitions of Capsule8, which makes detection and response software for Linux servers and containers, and Braintrace, which makes network and detection software with advanced flow analysis functionality. Both purchases were aimed at augmenting the capabilities of the XDR solution the vendor introduced in May.
XDR has been a hotbed of activity in the security market this year. Fortinet, for example, introduced an XDR solution in January, while Trend Micro updated its own XDR platform in February. Barracuda Networks acquired XDR vendor SKOUT Cybersecurity last month, and Bitdefender added “eXtended EDR” (XEDR) technology to its GravityZone suite two weeks later.