IBM acquires offensive security startup Randori to bolster its cybersecurity toolkit

IBM has announced that it’s acquiring Randori, a Boston-based offensive security startup that combines attack surface management (ASM) with continuous automated red teaming (CART) to help organizations bolster their cyber defenses. 

The financial terms of the deal were not disclosed, but Crunchbase data shows that Randori has a valuation in the range of $50 million to $100 million. The hacker-led startup has raised almost $30 million across two funding rounds, most recently a $20 million Series A investment led by Harmony Partners in April 2020. 

ASM — the continuous discovery, inventory, classification and monitoring of a company’s IT infrastructure — is becoming a must-have for organizations of all sizes. The number of potential exposure points in hybrid cloud operating environments is growing exponentially as a result of the pandemic-fueled shift to remote and hybrid working, with ESG data showing that 67% of organizations saw their external attack surface expand over the past two years due to the rising use of cloud, third-party services and Internet of Things (IoT) devices. This same data shows that 69% have been compromised via unknown, unmanaged or poorly managed internet-facing assets in the past year.

Randori, which was founded in 2018 by a former Carbon Black executive and a former red team consultant, aims to help organizations continuously identify external facing assets, both on-premise or in the cloud, that are visible to attackers. Randori Recon provides organizations with a continuous assessment of their attack surface from the attacker’s perspective, while the startup’s  Attack platform gives security teams insights into “hacker logic” — such as understanding how they plan, target and execute attacks — by automating real-world attacks to identify where security programs break down.

“We started Randori to ensure every organization has access to the attacker’s perspective,” said Brian Hazzard, co-founder and CEO of Randori. “To stay ahead of today’s threats, you need to know what’s exposed and how attackers view your environment — that’s exactly what Randori provides.”

IBM’s acquisition of Randori is yet another sign of the company’s continuing shift away from its legacy business to cloud software and AI-powered cybersecurity services, which it recently bolstered with its takeover of endpoint security platform ReaQTA. With its latest acquisition, the company — which ranks as the world’s second-largest cybersecurity vendor behind only Microsoft — will integrate Randori’s attack surface management software with the extended detection and response (XDR) capabilities of its IBM Security QRadar suite, which will enable security teams to leverage real-time attack surface visibility. 

Randori’s CART technology, which enables security teams to stress test defenses, will also be used to bolster the capabilities of IBM’s X Force Red offensive security services team, while Randori insights will be leveraged by IBM’s Managed Security Services to help improve threat detection for thousands of clients.

“If we’re going to turn the tables on attackers, we need to start acting like them with continuous automation of their latest techniques. Randori brings us that ability while further enhancing the offensive security skills we bring to the table with our elite team of hackers at X-Force Red,” Kevin Skapinetz, VP of Strategy and Business Development at IBM Security, told TechCrunch. “Randori brings a hacker-led approach to ASM that is truly unique and helps companies view their exposures just like an attacker would. Their prioritization factors in not only the risk level of the vulnerability but also the attractiveness of an asset to potential attackers, based on real work attacks and popular targets and techniques that today’s attackers are using.”

IBM says it expects the deal, which marks the company’s fourth acquisition of 2022, to close in the next few months, subject to regulatory approval.