Channel investors, Channel partners, Content

IBM Acquires Attack Surface Management Company Randori for XDR Security Push

attends the 2016 Wired Business Conference on June 16, 2016 in New York City.

IBM has acquired attack surface management (ASM) and offensive cybersecurity company Randori for an undisclosed sum. The company announced the acquisition at RSA Conference 2022 in San Francisco, California.

This is technology M&A deal number 534 that MSSP Alert and sister site ChannelE2E have covered so far in 2022.

Randori, based in Waltham, Massachusetts, has 80 employees listed on LinkedIn. The company raised $20 million in Series A funding led by Harmony Partners and existing investors Accomplice, .406 Ventures and Legion Capital in April 2020.

IBM Security: Ready to Grow Faster?

The Randori acquisition surfaces as IBM CEO Arvind Krishna seeks to accelerate the company's security revenues -- which were shrinking in late 2021 but grew 5% in Q1 of 2022. Although IBM runs a Top 250 MSSP and also offers cybersecurity software, faster-growth MDR (managed detection and response) service providers and EDR (endpoint detection and response) software companies have dominated the market spotlight in recent years.

Amid that backdrop, IBM will combine Randori's ASM software with the eXtended detection and response (XDR) capabilities of IBM Security QRadar, the buyer said. In doing so, Randori can feed security insights to QRadar XDR, and security teams can use these insights for alert triage, threat hunting and incident response.

In addition, Randori complements IBM X-Force Red's hacker-led offensive security services, IBM noted. Randori also provides security insights for IBM's Managed Security Services.

Randori offers ASM and continuous automated red teaming (CART), IBM indicated. It offers a platform that organizations can use to understand their attack surface and secure it properly.

Along with ASM and CART, Randori provides cloud migration, shadow IT discovery and ransomware prevention support, the company stated.

What Does the Randori Acquisition Mean for IBM?

Randori will help IBM customers "find their most critical blind spots," IBM Security GM Mary O'Brien stated. It ensures these customers can secure applications in hybrid cloud environments and minimize the risk of cyberattacks that cause brand reputation damage and revenue losses.

Furthermore, Randori is IBM's fourth acquisition to date in 2022. The Randori acquisition also comes after IBM in March 2022 launched its Unified Key Orchestrator key management service

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.