Top 10 XDR software

Important news about XDR software

2023. Okta snatches up security firm Spera for over $100M



It is a curious fact, little known except to those who pay far too much attention to such things, that Okta, a rather prominent identity and access management company, has decided to gobble up Spera, a security firm that, in all likelihood, was blissfully unaware of its impending absorption. The grandiose plan here—if you believe the press releases—seems to be to bolster Okta’s prowess in identity threat detection and response (ITDR), gifting its customers the futuristic power to bat away risks, identify vulnerabilities lurking in the shadows and generally do all sorts of clever things that would make your average IT department faint with joy. Spera, for its part, brings an assortment of shiny tools that not only reveal those pesky silos hiding within software-as-a-service and infrastructure applications, but also expose vulnerabilities in user populations. It doesn’t stop there, of course. Spera goes one better by helping companies to slash their license costs, a task that involves discovering and mercilessly deactivating dormant accounts, much to the relief of overworked finance teams everywhere.


2023. Microsoft 365 Defender is becoming Microsoft Defender XDR



Microsoft has integrated cloud workload alerts, signals and asset information from Microsoft Defender Cloud into Microsoft 365 Defender - it's cloud-based service designed to help protect on-premise, cloud and hybrid environments. This integration now removes any infrastructure blind spots in an organization’s digital landscape. As part of this integration, the company is rolling out new correlations and content tailored to cross-workload correlations and cloud-specific content, giving you a richer, more contextual understanding of the threats, your organization faces. In the Defender portal, SOC analysts can now run end-to-end investigations if they’re faced with this type of cyberattack. They can monitor, triage and investigate multicloud alerts across Azure, AWS and GCP. This end-to-end prioritization of information and alerts streamlines the investigation process and greatly improves SOC efficiency. With the incorporation of cloud signals, the company has renamed Microsoft 365 Defender to Microsoft Defender XDR to better represent its capabilities that broadly span multiplatform and multicloud assets.

2023. Arctic Wolf acquires cybersecurity automation platform Revelstoke



In the delightfully convoluted world of cybersecurity, where virtual wolves roam, Arctic Wolf, a guardian of all things digital, has rather cleverly decided to absorb Revelstoke—a company expertly tinkering with something called SOAR, which stands for Security Orchestration, Automation and Response, though it sounds suspiciously like something that ought to involve wings and feathers. This cunning acquisition means Arctic Wolf’s platform is now primed to sniff out nefarious cyber-nasties with the speed and precision of a caffeinated octopus. Arctic Wolf’s magical software already hoovers up data from every nook and cranny—be it endpoints, clouds, or networks—unifying them into a single, comprehensible whole (or, as comprehensible as anything in cybersecurity ever gets). Now, with Revelstoke’s wizardry in tow, Arctic Wolf is poised to deliver mind-bogglingly advanced tech that makes SOAR outcomes so seamless they might as well be magic, all for the comfort and delight of clients who’d quite like their cybersecurity served without all the fuss.


2023. Cybersecurity firm Lumu raises $30M to detect network intrusions



In the vast and bewildering galaxy of cybersecurity startups, Lumu has secured $30M to boldly do what many others are also doing: detecting security breaches and offering clever insights on compromised networks. With its sharp focus on identifying threats and spilling the beans on exactly when, where and how breaches occur—complete with detailed response plans—it’s certainly got its act together. Lumu even lets enterprises automate defensive moves through existing security tools, all while combing through a whopping two years of network data for any hint of suspicious activity. Admirable, yes. Groundbreaking, perhaps not entirely. After all, fellow cosmic contenders like Ordr (which recently scored $40M), Cyrebro, Darktrace and Vectra (valued at $1.2 billion) are doing much the same, each trying to outwit the digital chaos in their own peculiar way.


2023. CrowdStrike acquires Bionic.ai for $350M



In a galaxy of cyber threats, where CrowdStrike reigns as a champion of endpoint security and breach response, a new acquisition has emerged from the swirling mists of the SaaS sector: Bionic.ai. For a tidy $350 million, CrowdStrike now holds in its possession a cloud security posture management platform—essentially a magnifying glass for IT teams eager to spot lurking vulnerabilities in their company’s digital landscape. Now, while Bionic.ai’s annual recurring revenue (ARR) remains modestly shy of the $10 million mark, an amount often tossed about in the SaaS universe as an “important metric,” it’s the additional layer of insight that excites CrowdStrike. Already well-furnished with its own security service, Falcon, CrowdStrike looks to Bionic.ai to sprinkle a touch of cosmic visibility and observability into its ever-expanding galaxy of offerings.


2023. Incident response management platform Rootly secures $12M



In a universe not entirely unlike our own, where websites behave a bit like fickle weather patterns and digital storms tend to pop up precisely when least expected, there exists an audacious little startup called Rootly. Picture, if you will, Rootly’s ingenious platform, fashioned to deftly manage the sorts of digital crises that can make a CTO feel like they’re trapped in an infinite loop of headaches. With a freshly secured $12 million in Series A funding, Rootly has set itself on a mission: to automate the chaotic ballet of incident management with tools that not only marshal teams within Slack but also take it upon themselves to suggest what the poor humans involved might want to do next. And Rootly’s talents don’t stop there—it can, rather impressively, whip up status updates and post-mortems without needing a drop of coffee, even spotting connections between seemingly unrelated incidents. All this unfolds in a market worth a cosmic $29.21 billion (circa 2022), where Rootly finds itself pitted against other rather spiffy tools like FireHydrant, Blameless, and the newly cash-infused Incident.io, which, if rumors are true, has a bit of venture capital backing to the tune of $28.7 million.


2023. Gem Security wants to secure your cloud infrastructure, raises $11M



Gem Security, the Israeli-based startup developing a cloud threat detection, investigation and response (TDIR) platform, is emerging from stealth today and has announced an $11 million seed funding round. With support for major cloud platforms like AWS, Azure, Google Cloud and Kubernetes, Gem Security promises to provide security teams with a unified, streamlined tool to identify all their cloud assets and offer real-time threat detection and contextualized alerts to ensure their safety, partly by automating a significant portion of a company’s cloud security operations.


2022. GreyNoise to expand its threat intel collection after securing $15M in funding


In a universe brimming with unending streams of digital drivel, GreyNoise Intelligence, a plucky cybersecurity startup with a knack for sifting sense from the cacophony of internet scanning traffic, has pocketed a cool $15 million in Series A funding. Their mission? To boldly expand their threat-collection contraptions and shield organizations from the next big digital nasty lurking in the ether. Self-described as “anti-threat intelligence” (which sounds appropriately contrarian), GreyNoise acts like a spam filter for the internet’s incessant alert deluge—because, let’s face it, security analysts wading through seas of pointless alerts is just the galactic equivalent of finding a Vogon poem charming.


2022. IBM acquires attack surface management startup Randori



IBM has announced that it’s acquiring Randori, a Boston-based offensive security startup that integrates attack surface management (ASM) with continuous automated red teaming (CART) to assist organizations in enhancing their cyber defenses. ASM — the ongoing discovery, inventory, classification and monitoring of a company’s IT infrastructure — is becoming essential for organizations of all sizes. The number of potential exposure points in hybrid cloud environments is increasing rapidly due to the pandemic-driven shift to remote and hybrid work, with ESG data indicating that 67% of organizations observed their external attack surface expand over the past two years because of the growing use of cloud, third-party services and Internet of Things (IoT) devices.


2022. Seemplicity emerges from stealth with $32M to consolidate security notifications and speed up response times



Israel-based startup Seemplicity is coming out of stealth with $32 million in funding for a platform it believes will help reduce the cyber attack burden by managing the massive influx of data that inundates DevOps teams, which is challenging to interpret even before any action is taken. It consolidates all of those alerts and orchestrates them to determine which are related, which can be grouped together, which are more critical (due to their importance to core operations or potential to indicate a cascading issue, for instance) and which can be resolved by addressing another issue.