External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy.
Team Cymru provides detailed intelligence of the threats brewing on the dark web and elsewhere. This allows defenders to protect themselves against likely attacks before they happen. Amplicy offers a detailed analysis of a network’s visible perimeter security; that is, the threat surface visible to attackers.
By combining the two services, Team Cymru will be able to inform its customers on both the evolving threats and where they might strike against Amplicy-detected perimeter weaknesses. It closes the loop on external threat hunting and prevention, reducing the load on internal hunters and responders.
Former Gartner analyst Brad Laporte explains the significance. “The chasms that exist among threat intelligence, attack surface management and vulnerability management, cause debilitating inefficiencies and expose their organizations to financial risk.” He added, “The first company to solve this challenge will set the bar for all other vendors in this space.”
“Team Cymru has never been wed to one approach or data set,” Team Cymru CEO Rabbi Rob Thomas told SecurityWeek, adding that the company has built a large and diverse security information data lake.
“By combining our unique visibility to the attack surface management problem that Amplicy solves with its real-time Internet asset discovery, we will deliver the first real-time, comprehensive third-party infrastructure analysis to eliminate attack surface blind spots and improve our clients’ ability to make cyber risk-based decisions.”
The acquisition, says Team Cymru, aims to deliver a comprehensive solution providing a complete view of an organization’s total cyber risk.
Amplicy includes a complete discovery of all its customers’ internet-facing assets before analyzing their visible threat surface and identifying application and infrastructure vulnerabilities. This discloses weaknesses to hackers and the customers’ own supply chain.
“Today’s attack surface solutions provide some visibility but lack the complete picture. It’s important to know what you own and what ‘owns you’, such as third-party vendors, their network infrastructure providers, and their dependencies,” said Thomas. “The combination of Team Cymru and Amplicy will provide that insight, as well as an ability to drill down and trace threats, transforming our customers’ approach to risk management and information security.”
Amplicy, headquartered in Tel Aviv, Israel, was founded in 2020.
Financial details of the acquisition have not been disclosed. Amplicy’s existing customer base across the U.S., Europe and Asia is expected to support Team Cymru’s own global growth intentions.
Team Cymru, headquartered in Lake Mary, Florida, was founded in 1998 by Dave Deitrich (CTO), and Rabbi Thomas (CEO). “Since 2005,” it says, “our mission has been to save and improve human lives by working with public and private sector analyst teams, enabling them to track and take down threat actors, criminals, terrorists and human traffickers around the globe.” It is funded by Audax Private Equity.
Related: Understanding and Improving the Burden on Threat Hunters
Related: Finding the Right Threat Intelligence Vendors
Related: Don’t Search for a Needle in a Haystack: Use Cases for Threat Intelligence