Cisco to Buy Security Company ThreatGrid

The deal will add to the security capabilities Cisco inherited when it acquired SourceFire last year.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

data security

Cisco Systems plans to add to its cyber-security capabilities by buying ThreatGrid, a privately held New York-based company that offers malware analysis and threat intelligence that can run both on-premises or in the cloud.

Cisco officials announced their intent May 21, the last day of the Cisco Live 2014 event in San Francisco. The move will bolster Cisco's Advanced Malware Protection (AMP) portfolio, technology the networking vendor inherited through its $2.7 billion acquisition of SourceFire last year. The SourceFire deal is the most significant move by Cisco as it builds up its computer security capabilities.

The companies did not release financial details of the deal, which is expected to close in the third quarter.

It's part of a larger push by Cisco to expand its role in the data center beyond networking. The company, through in-house development and outside acquisitions, is aggressively growing into such areas as cloud computing, mobility and the Internet of things (IoT), or what company executives refer to as the Internet of everything.

In announcing the ThreatGrid bid, Cisco officials noted the rapidly growing amount of data being created and shared on the Internet and the number of connected devices, driven by such trends as mobility, the Internet of everything and the cloud.

With all that, "the number of cyber attacks will continue to increase—and with greater speed and complexity," Hilton Romanski, senior vice president and head of business development at Cisco, said in a post on the company blog. "Companies need threat-centric security solutions to address the full attack continuum—before, during, and after an attack. … [ThreatGrid's technology] helps organizations and security teams defend proactively against and quickly respond to advanced cyber attacks and malware outbreaks."

According to Romanski, the ThreatGrid acquisition will work with the AMP portfolio to give Cisco a more complete computer security solution. ThreatGrid's technology will help Cisco customers with in-house data retention needs, he wrote. Meanwhile, the AMP solutions is aimed at organizations' security needs from the network to the endpoint, offering such features as detection and block, continuous analysis and remediation of advanced threats.

"The combination of Cisco and ThreatGRID will enhance our already strong capabilities to aggregate and correlate data to identify advanced and evasive cyber threats and provide intelligent cybersecurity solutions for the real world," Romanski wrote.

For ThreatGrid, becoming part of Cisco will give it the money and resources it needs to grow its technologies and a massive, global customer base. The company was founded in 2010.

"Our focus has always been the technology, but as with any similar endeavor, there is a roadmap for the company and its future," Dean De Beer, ThreatGrid co-founder and CTO, wrote in a post on the company blog. "Part of this roadmap is to look beyond what we're capable of now and to consider a future that has the potential to change the fundamental way in which we address the threat landscape and how we approach solving those customer problems. When an opportunity to help drive that change presents itself, and also aligns with your core beliefs and culture, you seize it."

Cisco's SourceFire acquisition and its efforts to address current and future threats across the attack continuum dovetail with the vision put forth by him and co-founder and CEO Dov Yoren, De Beer wrote.

"This integration will help to identify and prevent advanced cyber threats by addressing the entire attack lifecycle," he wrote.