Home > News > featured news > IBM to Expand Security Portfolio with Plans to Acquire ReaQta

DATA SECURITY

IBM to Expand Security Portfolio with Plans to Acquire ReaQta

IBM | November 03, 2021

IBM Security today announced an expansion of its cybersecurity threat detection and response capabilities with its plans to acquire ReaQta. ReaQta's endpoint security solutions are designed to leverage AI to automatically identify and manage threats, while remaining undetectable to adversaries. This move will expand IBM's capabilities in the extended detection and response (XDR) market, aligning with IBM's strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments.

As part of today's announcement, IBM also detailed a new suite of XDR offerings under the QRadar brand. IBM QRadar XDR helps security analysts break down the silos between the proliferation of point products in the industry – providing comprehensive visibility across security tools and data sources, whether in the cloud or on-premises, and equipping security teams with the insights and automation they need to act quickly. Upon closing, ReaQta's offerings will become part of this portfolio, adding expanded native XDR capabilities to IBM's security portfolio aimed at helping clients adopt continuous monitoring and rapid response as part of a zero trust approach.

Companies today are struggling to secure increasingly dispersed IT environments, with the proliferation of devices, users, and technologies spreading across clouds and on-premises infrastructure. As a result, security events are becoming more difficult and costly to detect and contain, with data breaches costing over $4 million per incident and taking an average of 212 days to identify, according to the 2021 Cost of a Data Breach Report from IBM and Ponemon Institute.

"Complexity has created a cloak that attackers are operating under, furthering their ability to circumvent defenders,The future of security is open, using technologies that can connect the security insights that are buried across disparate tools and advanced AI to identify and automatically respond to threats more quickly across their entire infrastructure, from endpoint to cloud. With our expanded capabilities via QRadar XDR and the planned addition of ReaQta, IBM is helping clients get ahead of attackers with the first XDR solution that reduces vendor lock-in via the use of open standards."

Mary O'Brien, General Manager, IBM Security

IBM Announces Intent to Acquire ReaQta
IBM's planned acquisition of ReaQta further differentiates the company's portfolio of connected, open security tools to unify and speed response to security threats. ReaQta, whose primary business office is located in the Netherlands with headquarters in Singapore, will join the IBM Security business unit upon closing. ReaQta was built by an elite group of cybersecurity experts and researchers with AI and machine learning expertise and extensive backgrounds in security operations. Financial terms were not disclosed. The transaction is expected to close later this year, subject to customary closing conditions and required regulatory reviews.

ReaQta's behavioral-based platform helps stop known and unknown threats in real-time and can be deployed in a hybrid model – on premise or in the cloud as well as air gapped environments. Through deep learning done natively on the endpoint the platform constantly improves on defining threat behavior tailored to each business per endpoint, allowing it to block any abnormal behavior. ReaQta's platform also leverages a unique 'Nano OS' that monitors the operating systems from the outside, helping to prevent interference by adversaries.

"Our mission at ReaQta has been to better equip the defenders, who are tirelessly striving to stay ahead of cyber threats, with advanced technology to quickly identify and block new attacks," said Alberto Pelliccione, CEO at ReaQta. "Joining forces with IBM will enable us to enhance and scale our unique AI capabilities across all types of environments via a proven platform for threat detection and response."

QRadar XDR Suite: Open, Connected Approach to XDR
An evolution of the IBM QRadar security intelligence portfolio, IBM QRadar XDR is a suite of security software built on IBM's open, cloud-native security platform, Cloud Pak for Security. IBM QRadar XDR spans the core foundational capabilities of threat detection, investigation, and response to help organizations modernize their existing IT and security infrastructure.

IBM is implementing an open connected approach to XDR, leveraging its commitment to open security and the Open Cybersecurity Alliance, as well as alliances and integrations with 200 plus cloud and security vendors, creating the industry's largest XDR ecosystem. The QRadar XDR suite also includes IBM native security technologies that customers can choose to leverage for Security Information and Event Management (SIEM), Network Detection and Response (NDR), and Security Orchestration Automation and Response (SOAR).

Now with the addition of ReaQta, the QRadar XDR suite will also include an option for Endpoint Detection and Response (EDR), allowing IBM to provide native capabilities for all core XDR functions, while also providing clients the option to leverage existing investments and third-party tools across IBM's broad partner ecosystem. IBM QRadar XDR will also be designed to deliver more accurate alerts while helping reduce manual processes via pre-built detection and response automations.

IBM QRadar XDR is also designed to be deployed by managed security service providers, including IBM and others.

Connecting Existing Investments
Building further on IBM's open approach to XDR, the company also introduced XDR Connect, which helps companies connect and automate threat detection and response across existing toolsets. Part of the QRadar XDR suite, XDR Connect provides a unified streamlined workflow for alert triage, investigation and threat hunting, automated root cause analysis, and response, by connecting to organizations' existing tools or IBM's own XDR technologies.

XDR Connect offers a centralized management of security incidents with pre-defined detection and response rules via more than 30 open source, pre-built integrations, and data connectors. It also provides access to the latest threat intelligence insights and data from IBM and third parties. This unique approach allows companies to better capitalize on existing security investments, modernize with new security tools and data sources, and simplify their overall security operations with unified, AI-driven workflows designed for faster, streamlined response.

About ReaQta
ReaQta is a top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts and AI/ML researchers. Built with advanced automated threat-hunting features, ReaQta allows organizations to eliminate the most advanced threats in real-time. As experts in AI and behavioral analysis, ReaQta's proprietary dual-AI engines provide organizations across all industries with autonomous, real-time and fully customizable endpoint security, minus the complexity. As a result of automation coupled with intuitive design, ReaQta's customers and partners benefit from performance improvements and are now able to manage and secure more endpoints without the need for highly skilled staff.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Spotlight

How this Pharmaceuticals Company Consolidated Their Security Tools and Established Better Visibility into its Security Environment with Difenda

In 2018, a large manufacturing organization experienced a ransomware attack resulting in a material security breach. The incident highlighted the need for a comprehensive cybersecurity program with greater visibility. The challenge was to implement a solution that was easy to manage and cost-effective while ensuring their sensit

More featured news

Spotlight

How this Pharmaceuticals Company Consolidated Their Security Tools and Established Better Visibility into its Security Environment with Difenda

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

WinMagic partners with Lumen Technologies to offer mission-critical cybersecurity solutions

Globenewswire | May 29, 2023

WinMagic Inc. (the "Company" or "WinMagic") is proud to announce that it is now a member of the Lumen Technologies (NYSE: LUMN) Channel Partner program. WinMagic offers powerfully simple and seamless authentication and encryption solutions that use the endpoint to deliver unbeatable security. This partnership will enable the Company to leverage Lumen’s extensive network and cloud and security solutions to expand capabilities to existing WinMagic customers and enter new markets through access to Lumen’s comprehensive partner program. As a Lumen Channel Partner, WinMagic can draw on Lumen’s integrated portfolio of global solutions to enable greater product adaptability regarding network services, infrastructure and applications. Lumen’s solutions and infrastructure, combined with WinMagic’s innovative authentication and endpoint encryption products, provide customers with a complete portfolio of cybersecurity solutions. “This is a game-changer for customers. Paired with WinMagic’s next-gen security, Lumen’s edge compute infrastructure and portfolio of advanced solutions gives customers real power,” said Sara Seegers, regional vice president of indirect channel sales at Lumen. “Customers want to scale their operations as quickly as possible. They know this is the key to increasing their efficiency and growing their business. Together, we can bring results that exceed customer expectations.” "This partnership with Lumen brings users WinMagic’s most secure authentication technology to date with an incredible user experience," said Rahul Kumar, vice president of sales at WinMagic. "Our MagicEndpoint provides real-time, continuous authentication of the user plus endpoint device without requiring any user action. This strategy delivers the ‘always verify’ element of zero-trust security. We're excited to extend our next-gen security solutions to the Lumen network." WinMagic’s MagicEndpoint passwordless authentication solution delivers preboot authentication, Windows login and passwordless authentication to online services and applications. The software’s zero-trust security design complements government and commercial environments while delivering an end-to-end secure user experience. SecureDoc endpoint encryption enables organizations to secure all their data at the same time, keeping it safe from cyberattacks without disrupting productivity. About Lumen Technologies Lumen connects the world. We are dedicated to furthering human progress through technology by connecting people, data and applications — quickly, securely and effortlessly. Everything we do at Lumen takes advantage of our network strength. From metro connectivity to long-haul data transport to our edge cloud, security and managed service capabilities, we meet our customers' needs today and as they build for tomorrow. For more information, visit www.lumen.com. About WinMagic WinMagic is a leading developer of cybersecurity solutions that, for 25 years, has raised the bar for endpoint encryption. Over 2,500 businesses and government agencies trust the company with over 3 million active licenses globally. The WinMagic authentication and encryption suite protects your company's data, on-premises or in the cloud. WinMagic delivers a seamless authentication and encryption experience that increases productivity while protecting users and data. For more information, visit www.winmagic.com.

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Absolute Software to Expand Application Resilience Ecosystem with New Product

Absolute Software | March 14, 2023

Absolute SoftwareTM, the only provider of self-healing, intelligent security solutions, recently announced the continued addition to the Absolute Application Resilience ecosystem with the introduction of the latest product. Joint clients can now utilize Absolute's proprietary Persistence® technology and unbreakable device connection to improve the resiliency and health of over 70 mission-critical security and business solutions, such as eClinicalWorks, HCL BigFix, IMTLazarus, UNOWHY, Forescout® SecureConnector, Pixart® MDM, Plurilock CloudCodes, and XM Cyber HaXy. In today's work-from-anywhere scenarios, the need for resilient security policies able to secure remote devices and sensitive data has never been more critical. Absolute's analysis reveals that non-resilient applications may function effectively on lesser than 80% of the devices on which they have been installed, and in some cases as low as 35%, whereas over 95% of devices with Application Resilience functionalities facilitated reported healthy security applications. As a result of increasing demand, Absolute has witnessed a 26% year-over-year rise in the number of customer devices utilizing Application Resilience to monitor app behavior and health, as well as a 42% increase in the number of devices monitoring application health and autonomously reinstalling and repairing them when required. John Herrema, EVP of Product and Strategy at Absolute Software, said, "It is abundantly clear that in order to deliver both maximum protection and returns on security investments, critical controls must be constantly monitored and maintained." He added, "Our unique intelligence repeatedly shows that complex device environments have put endpoint agents at constant risk of collision, decay, or being disabled by malicious or negligent users. By making the investments to continuously grow our Application Resilience ecosystem, we are enabling our customers to harden their defenses against malicious attackers and strengthen overall security posture." About Absolute Software Headquartered in Vancouver, Canada, Absolute Software is the exclusive provider of intelligent, self-healing security systems. Integrated into over 600 million devices, Absolute is the only platform that provides a permanent digital connection that dynamically and intelligently applies visibility, control, and self-healing capabilities to applications, endpoints, and network connections - enabling companies to improve cyber resilience against the rising danger of ransomware and malicious assaults.

PLATFORM SECURITY, SOFTWARE SECURITY, API SECURITY

Traceable AI Introduces World’s First Zero Trust API Access (ZTAA) Solution

Businesswire | April 28, 2023

Traceable AI, the industry’s leading API security company, today announced the launch of its innovative solution, Zero Trust API Access, to help organizations better protect sensitive data, stop API abuse, and align data security programs with broader innovation and business objectives. As the industry’s first and only solution in the market, Traceable’s Zero Trust API Access actively reduces your attack surface by minimizing or eliminating implied and persistent trust for your APIs. “You cannot have true Zero Trust without API security,” said Sanjay Nagaraj, CTO of Traceable. “Traceable’s Zero Trust API Access provides a guiding principle for API security architectures for enhanced data protection, security posture and resiliency. APIs are the universal attack vector, and if companies truly want to take the Zero Trust framework seriously, protect their data and create an environment that enables the ability to grow securely, they need a solution that is both strategic and tactical.” Zero Trust API Access (ZTAA) provides enterprises considerable business benefits including: Dynamic Data Access policies stop data breaches in their tracks: With Traceable, you can detect and classify the data that APIs are handling, to apply proper policies. These policies define which users and roles can access different data types, at what times, from what geolocations and from what client types. With dynamic data access policies, you can quickly and easily create policies with out-of-the-box templates or customize policies based on organization needs. Continuous Adaptive Trust for real-time threat prevention: Traceable’s ZTAA provides security that continuously adjusts to the organization’s threat landscape. This is achieved through real-time, context-based authentication and authorization for API access (both user and machine). Traceable can stitch APIs, as well as the data and user context, via flexible data collection options. This ensures that adaptive trust is enforced for APIs at the edge, as well as for all internal services, for-service APIs and 3rd party APIs. The result is the right access for the right users and entities, at the right time, thereby protecting the business and its sensitive customer data. Intelligent Rate Limiting for API abuse prevention: API rate limiting enables organizations to control the incoming traffic to an API by automatically limiting the number of requests that the API can receive within a given period of time. After the limit is reached, the policy rejects all requests, thereby avoiding any additional load on the backend API. Intelligent rate limiting factors in the rates for users, proxies, bots, and the business function of APIs. This provides enhanced protection against API DDoS attacks, reduces load on backend APIs, honors SLAs, and reduces costs often associated with 3rd party APIs. Access to APIs and sensitive data is therefore proactive and automatic, preventing API abuse. Security becomes a business enabler: When combined, Zero Trust Security and API Security create a holistic and robust security approach that actively mitigates the risks associated with accessing sensitive data via APIs. This comprehensive approach helps protect sensitive information and fosters a secure environment for innovation and growth. Organizations can now confidently offer new products and services, turning security from a hindrance, to a catalyst for accelerated growth. Traceable’s Zero Trust API Access is essential to aligning Zero Trust implementations with the realities of today’s application architectures and extending the Zero Trust Security model to the full application stack. To learn more about Zero Trust API Access from Traceable, visit the team at RSA South Hall, Booth 2133 or request a demo with a security expert. About Traceable Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.