Infoblox acquires cyber threat intelligence firm IID
Combined solution allows orgs prioritise threat response based on enterprise context and risk
Infoblox, the network control company, has announced the acquisition of privately held IID, a global provider of cyber threat intelligence solutions.
The acquisition of IID makes Infoblox the first enterprise-grade DDI vendor that combines contextual network data with federated threat intelligence and a dedicated threat research team, to provide context-aware security using infrastructure that customers already have in place. Infoblox paid $45 million in cash, subject to customary adjustments, to the former IID stockholders as consideration for the transaction.
Today, many organisations are mired in confusion when it comes to securing their networks and broader IT infrastructure. Threat intelligence services give warnings, but don’t provide a path for translating that information into action. Monitoring systems warn of malicious activity within a network, but don’t give clarity on where to find infected devices, user information, and other metadata. Most important, network and security administrators are drowning in data and alerts, with no easy way to prioritize effective and timely threat response.
Infoblox is the industry leader in managing DNS, DHCP, and IP addresses—the category known as DDI. These services are uniquely at the centre of every network, making it possible for Infoblox to spot suspicious activity, instantly block outbound communications to malicious destinations, and prevent exfiltration of intellectual property, customer information, and other sensitive data. The security solutions offered by Infoblox today are designed to complement and work with other security products, meeting the emerging customer demand for integrated heterogeneous security ecosystems.
With the addition of IID’s ActiveTrust federated threat intelligence and big-data analytics platform to Infoblox security solutions, organisations can get true context-aware security—harnessing real-world data from an organization’s IT infrastructure to improve the accuracy and relevance of security decisions.
“Life in enterprise networking and security is changing too fast, and it’s no longer enough to have set-and-forget perimeter protection,” said Simran Sandhu, manager of network infrastructure at Adobe Systems. “Adobe is a customer of both Infoblox and IID, so we’re excited about how this acquisition can create a single platform for greater integration between devices, firewalls, network insights, and threat intelligence in an open ecosystem.”
The combined solution can greatly improve operational control, allowing network and security teams to easily prioritize threat response at scale, based on enterprise context and risk. Also, Infoblox can now go beyond helping protect on-premise devices to help protect company-managed devices that are off-premise.
“By bringing together the deep and very rich threat intelligence from IID with the context and the central control point that Infoblox has in the network through our DDI services, we can deliver a unique value proposition to our customers and the partners that resell our products,” said Jesper Andersen, president and chief executive officer of Infoblox. “Infoblox and IID are also both committed to the emerging standards for automated sharing of threat intelligence information that will help extend our ecosystem.”
Last year, Infoblox and IID partnered in creation of the Infoblox DNS Threat Index, a quarterly report tracking the growth of malicious domains created by cybercriminals.
“Many organisations today are seeking holistic, end-to-end integrated cybersecurity solutions, composed of the optimal technologies, people, and processes,” said Dan Burns, chief executive officer of Optiv, the largest pure-play cybersecurity solutions provider in North America. "The IID acquisition gives Infoblox the opportunity to provide a differentiated offering that integrates threat information with infrastructure context, and position itself as a more valuable part of the security ecosystem. We look forward to working with Infoblox and IID to deliver effective solutions that meet our clients’ needs.”
IID, based in Tacoma, Washington, collects threat data from thousands of trusted sources including law-enforcement agencies, Internet infrastructure providers, and open-source providers. IID’s threat research team verifies, enhances, and aggregates this data to create clear, high-quality machine-readable threat intelligence (MRTI) that is compatible with automation standards such as STIX and TAXII. This consolidated threat intelligence is distributed to more than 100 customers, among them dozens of Fortune 500 companies and U.S. government agencies, including Microsoft and the U.S. Department of the Treasury. In 2014, IID was one of just five companies named in Gartner’s “Cool Vendors in Security Intelligence” report.
“Enterprise security teams have a difficult time putting threat intelligence into operation,” said Lars Harvey, chief executive officer of IID. “It’s challenging to get machine-readable threat intelligence in formats that are usable, and even harder to directly integrate threat intelligence with devices on the network. The combination of IID with Infoblox puts all these pieces in one package, helping enable enterprises to go from threat discovery to enforcement and mitigation within seconds.”
IID co-founders Lars Harvey and Rod Rasmussen will become members of the Infoblox management team. Infoblox also expects that most IID employees will join Infoblox, including the threat intelligence and engineering teams.