Security Experts:

Connect with us

Hi, what are you looking for?



Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy

External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. 

External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. 

Team Cymru provides detailed intelligence of the threats brewing on the dark web and elsewhere. This allows defenders to protect themselves against likely attacks before they happen. Amplicy offers a detailed analysis of a network’s visible perimeter security; that is, the threat surface visible to attackers.

By combining the two services, Team Cymru will be able to inform its customers on both the evolving threats and where they might strike against Amplicy-detected perimeter weaknesses. It closes the loop on external threat hunting and prevention, reducing the load on internal hunters and responders.

Former Gartner analyst Brad Laporte explains the significance. “The chasms that exist among threat intelligence, attack surface management and vulnerability management, cause debilitating inefficiencies and expose their organizations to financial risk.” He added, “The first company to solve this challenge will set the bar for all other vendors in this space.”  

“Team Cymru has never been wed to one approach or data set,” Team Cymru CEO Rabbi Rob Thomas told SecurityWeek, adding that the company has built a large and diverse security information data lake.

“By combining our unique visibility to the attack surface management problem that Amplicy solves with its real-time Internet asset discovery, we will deliver the first real-time, comprehensive third-party infrastructure analysis to eliminate attack surface blind spots and improve our clients’ ability to make cyber risk-based decisions.”

The acquisition, says Team Cymru, aims to deliver a comprehensive solution providing a complete view of an organization’s total cyber risk.

Threat Hunting Summit

Amplicy includes a complete discovery of all its customers’ internet-facing assets before analyzing their visible threat surface and identifying application and infrastructure vulnerabilities. This discloses weaknesses to hackers and the customers’ own supply chain.

“Today’s attack surface solutions provide some visibility but lack the complete picture.  It’s important to know what you own and what ‘owns you’, such as third-party vendors, their network infrastructure providers, and their dependencies,” said Thomas. “The combination of Team Cymru and Amplicy will provide that insight, as well as an ability to drill down and trace threats, transforming our customers’ approach to risk management and information security.”

Amplicy, headquartered in Tel Aviv, Israel, was founded in 2020.

Financial details of the acquisition have not been disclosed. Amplicy’s existing customer base across the U.S., Europe and Asia is expected to support Team Cymru’s own global growth intentions.

Team Cymru, headquartered in Lake Mary, Florida, was founded in 1998 by Dave Deitrich (CTO), and Rabbi Thomas (CEO). “Since 2005,” it says, “our mission has been to save and improve human lives by working with public and private sector analyst teams, enabling them to track and take down threat actors, criminals, terrorists and human traffickers around the globe.” It is funded by Audax Private Equity.

Related: Understanding and Improving the Burden on Threat Hunters

Related: Finding the Right Threat Intelligence Vendors

Related: Don’t Search for a Needle in a Haystack: Use Cases for Threat Intelligence

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...