Sophos, a worldwide leader in next-generation cybersecurity, announced the acquisition of Braintrace, which will add Braintrace’s unique Network Detection and Response (NDR) technology to Sophos’ Adaptive Cybersecurity Ecosystem. Eliminating the need for Man-in-the-Middle (MitM) decryption, Braintrace’s NDR enables comprehensive visibility into network traffic patterns, including encrypted communication. 

Braintrace’s developers, data scientists, and security analysts have joined Sophos’ global Managed Threat Response (MTR) and Rapid Response teams as part of the acquisition. With over 5,000 active clients, Sophos’ MTR and Rapid Response services have grown quickly, making Sophos one of the world’s largest and most rapidly growing MDR suppliers.

Through integration into the Adaptive Cybersecurity Ecosystem, which supports all Sophos products and services, Braintrace’s NDR technology will help Sophos’ MTR and Rapid Response analysts, as well as Extended Detection and Response (XDR) clients. The Braintrace technology will also be used to capture and forward third-party event data from firewalls, proxies, VPNs, and other sources. Threat identification, threat hunting, and response to suspicious activity will all benefit from these added layers of visibility and event ingestion.

“You can’t protect what you don’t know is there, and businesses of all sizes often miscalculate their assets and attack surface, both on-premises and in the cloud. Attackers take advantage of this, often going after weakly protected assets as a means of initial access. Defenders benefit from an ‘air traffic control system’ that sees all network activity, reveals unknown and unprotected assets, and exposes evasive malware more reliably than Intrusion Protection Systems (IPS). We’re particularly excited that Braintrace built this technology specifically to provide better security outcomes to their Managed Detection and Response (MDR) customers. It’s hard to beat the effectiveness of solutions built by teams of skilled practitioners and developers to solve real world cybersecurity problems,” said Joe Levy, chief technology officer, Sophos.

“NDR is critical to successful threat hunting. Braintrace’s competitive differentiation is its unique NDR technology that our MDR analysts leveraged for finding, interrupting and remediating cyberattacks. With our own NDR technology, the team responds faster and more accurately because of the real-time, automated visibility and threat verification they have into encrypted traffic. We built Braintrace’s NDR technology from the ground up for detection and now, with Sophos, it will fit into a complete system to provide cross-product detection and response across a multi-vendor ecosystem,” said Bret Laughlin, CEO and co-founder of Braintrace.

NDR technology from Braintrace is a critical component in protecting against cyberattacks today and in the future. According to Sophos research, hackers shift strategies frequently to avoid detection and carry out their operations. Braintrace’s technology detects malicious C2 traffic from malware like Cobalt Strike, BazaLoader, and TrickBot, as well as zero-day exploits, which could lead to ransomware and other attacks. This visibility allows threat hunters and analysts to anticipate prospective ransomware attacks, such as the recent attacks by REvil and DarkSide.

In the first half of 2022, Sophos plans to release Braintrace’s NDR technology for MTR and XDR.