Security Experts:

Sophos Acquires Capsule8 to Beef up Linux Protection

British anti-malware powerhouse Sophos has acquired Capsule8 to beef up the Linux protection capabilities to its endpoint detection and response product stack.

Financial terms of the deal were not disclosed. 

Capsule8, based in New York, raised $30 million in venture capital investments since launching in 2016.  Capsule8’s investors include Intel Capital, Rain Capital, ClearSky and Bessemer Venture Partners.

For Sophos, the Capsule8 technology adds runtime visibility, detection and response for Linux production servers and containers covering both on-premises and cloud workloads.

"Comprehensive server protection is a crucial component of any effective cybersecurity strategy. This deal expands our portfolio of Detection and Response Solutions and Services for underprotected server and cloud environments," said Dan Schiappa, chief product officer at Sophos.

[ Related: Thoma Bravo to Acquire Sophos for $3.9 Billion ]

Schiappa said the plan is to integrate the Capsule8’s capabilities and technologies into multiple Sophos product lines, including  Extended Detection and Response (XDR) solutions, Intercept X server protection products, and Sophos Managed Threat Response (MTR) and Rapid Response services.

In practice, the Capsule8 acquisition gives Sophos new Linux telemetry and event information, beefing up the company’s data lake with additional context for advanced threat hunting and security operations.

Sophos, acquired in 2019 by private equity firm Thoma Bravo in a $3.9 billion deal, has been aggressive on the acquisition front, purchasing several startups including Invincea, Avid Secure and Cyberoam Technologies.

Related: The Battle to Control Enterprise Data Lakes

Related: Sophos to Acquire Invincea for up to $120 Million

Related: Sophos Acquires Network Security Firm Cyberoam Technologies

view counter
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. Ryan is a journalist and cybersecurity strategist with more than 20 years experience covering IT security and technology trends. He is a regular speaker at cybersecurity conferences around the world. Ryan has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and Kaspersky GReAT. He is a co-founder of Threatpost and the global SAS conference series. Ryan's career as a journalist includes bylines at major technology publications including Ziff Davis eWEEK, CBS Interactive's ZDNet, PCMag and PC World. Follow Ryan on Twitter @ryanaraine.