Intelligent Tech Channels Issue 43 | Page 12

SECURITY NEWS
Sophos acquires Refactr to optimise managed threat response

Sophos , a next-generation cybersecurity vendor , has announced that it has acquired Refactr , which develops and markets a versatile DevSecOps automation platform that bridges the gap between DevOps and cybersecurity .

Based in Bellevue , Washington , Refactr launched in 2017 and is privately held .
As DevOps and security teams continue to adopt “ IT-as-Code ” approaches to managing their environments , Refactr ’ s ability to automate any of these processes enables teams to scale .
Sophos is optimising Refactr ’ s DevSecOps automation platform to add Security Orchestration Automation and Response ( SOAR ) capabilities to its managed threat response ( MTR ) and extended detection and response ( XDR ) solutions .
“ First-generation SOAR solutions have moved our industry forward in significant ways , but we ’ re now witnessing an evolution where more and more businesses
Joe Levy , Chief Technology Officer , Sophos
growing base of partners and organisations that want to build customised IT and security automations for themselves and for their customers .
Michael Fraser , CEO and co-founder , Refactr , said : “ We created the Refactr platform so that every organisation can deliver effective DevSecOps through holistic security-first automation . Our platform was purpose-built to be versatile , interoperable and easy to use . Cybersecurity teams can now collaborate with DevOps to easily build complicated IT automation and security integrations through DevSecOps pipelines .”
Fraser added that : “ Our mission is to enable DevSecOps to become the modern approach to automation , where
First-generation SOAR solutions have moved our industry forward in significant ways , but we ’ re now witnessing an evolution where more and more businesses are becoming software companies and our security solutions need to evolve in parallel .
are becoming software companies and our security solutions need to evolve in parallel . As we ’ ve seen in recent supply chain incidents , attackers are increasingly targeting software development pipelines and defenders need the ability to shift further left of attackers . The industry needs SOAR to mature into more capable and generalisable DevSecOps solutions , and Sophos ’ acquisition of Refactr will help us lead the way ,” said Joe Levy , Chief Technology Officer , Sophos . “ With Refactr , Sophos will fast track the integration of such advanced SOAR capabilities into our Adaptive Cybersecurity Ecosystem , the basis for our XDR product and MTR service . We will provide a full spectrum of automated playbooks for our customers and partners , from drag-and-drop to fully programmable , along with broad integrations with thirdparty solutions through our technology alliances program to work with today ’ s diverse IT environments .”
Sophos will continue to develop and offer Refactr ’ s platform to the existing and cybersecurity use cases like SOAR , XDR , compliance , cloud security and Identity and Access Management ( IAM ) become building blocks for DevSecOps solutions . We are already seeing success in providing organisations our emerging technology , including the Centre for Internet Security and the US Air Force . We are proud of what we accomplished at Refactr , and excited for the next part of our journey with Sophos to help create a more secure world through DevSecOps .”
12