The acquisition promised to strengthen the company’s security months after suspected Russian hackers exploited Microsoft’s software to spy on corporate customers.
Microsoft is buying RiskIQ, a cyber security firm that specializes in tracking hacking activities and online attacks on the Internet.
The acquisition comes months after a major breach by both Microsoft and IT provider SolarWinds. By taking advantage of several vulnerabilities, suspected Russian government hackers were able to hijack access to corporate email servers belonging to several customers. Those same attacks also exposed access to some of Microsoft’s own source code.
The SolarWinds breach was not mentioned in Microsoft’s announcement of the RiskIQ acquisition. Still, the company says the deal will “help our shared customers build a more comprehensive view of global threats to their businesses, better understand vulnerable Internet-facing assets, and provide world-class threat intelligence.” will build the information.”
Microsoft also points out that businesses are increasingly relying on a variety of cloud computing platforms to run their business. “Effectively the Internet is becoming their new network, and it is increasingly important to understand the full scope of their assets in order to reduce their attack surface,” the company said.
RiskIQ serves over 100,000 IT security analysts and 300 enterprises as customers. Through the company’s products, a customer can discover and protect vulnerable machines and software on their corporate network. Other RiskIQ products are designed to help IT security staff monitor and investigate hacking threats using intelligence from the security community.
“We are joining Microsoft to further expand our reach and impact,” RiskIQ said in a statement. “We will work closely with our customers as we integrate RiskIQ’s complementary data and solutions with Microsoft’s security portfolio to enable best-in-class solutions attack surface visibility, threat detection and response could.”
Surveillance will also extend beyond surveillance attacks on Microsoft services, such as Azure, the company’s cloud computing platform. Redmond notes RiskIQ can assess the security of various cloud computing services, including Amazon’s AWS, in addition to IT supply chains.