Sophos Adds Machine Learning with Invincea Purchase

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Sophos has announced the intention to acquire Invincea and add machine learning-based predictive malware detection to its portfolio.

A provider of next-generation malware protection, Invincea’s endpoint security portfolio is designed to detect and prevent unknown malware and sophisticated attacks via patented deep learning neural-network algorithms. Its flagship product “X by Invincea” uses deep learning neural networks and behavioral monitoring to detect previously unseen malware and stop attacks before damage occurs, and will be fully integrated into the Sophos endpoint protection portfolio.

The deal is worth around $120 million, including a cash consideration of $100 million with a $20 million earn-out. Invincea CEO Anup Ghosh and COO Norm Laudermilch will join Sophos in key leadership positions. The Invincea endpoint security portfolio will continue to be supported and sold by Invincea and available via Invincea’s network of registered partners.

Invincea Labs, a division of Invincea that has been separately managed and operated since 2012, has been separated prior to the acquisition and is not part of this transaction.

Ghosh said: “Joining forces with Sophos presents the perfect opportunity to take our proven, advanced technology to a global audience and make it part of a comprehensive synchronized security system. Sophos is leading the industry in adopting and bringing to market this disruptive new vision for complete, advanced, and integrated security, and we are delighted to join the team and help make it happen."

“By adding Invincea to our portfolio, Sophos is executing on its vision to assemble the most powerful technologies to provide the very best, cutting-edge defenses for our customers,” commented Kris Hagerman, chief executive officer at Sophos.

“Invincea is leading the market in machine learning-based threat detection with the combination of superior detection rates and minimal false positives. Invincea will strengthen Sophos’ leading next-gen endpoint protection with complementary predictive defenses that we believe will become increasingly important to the future of endpoint protection and allow us to take full advantage of this significant new growth opportunity. We are proud to welcome the Invincea team to Sophos and look forward to introducing the benefits of this advanced technology to our customers and partners worldwide.”

Bob Tarzey, analyst and director at Quocirca, told Infosecurity that the announcement was “interesting”, as Sophos already makes far reaching “next-generation” claims for its endpoint security and gets recognition as a leader in the space, but Invincea must be adding something Sophos does not already have.

“This would appear to mainly be the machine learning,” he said. “So, yes, the acquisition of Invincea sees Sophos gain ground in a race where it was already among the front runners.”
 

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
Talking of Machine Learning there is a significant difference between detection of malware and the identification of a static subject or concept.
In the vast majority of the application fields of machine learning (out of antivirus context), the assigned task does not change during the time. With malware everything changes continually, and quickly. This is because cyber criminals are people who have actual and concrete reasons (money, especially).
Malcoders haven't an artificial intelligence; they are opposed in an active manner to security solutions, by modifying intentionally the malware to escape the security model based on machine learning.

For this reason in my opinion, it is necessary to improve continuously the learning mode of the machine; sometimes it is even necessary to restart, even from the beginning, the “learning process”.
It is evident as a security solution not based on a model that also includes other technologies such as BB, code emulation, heuristic analysis, can not prove to be really useful, in the case of a continuous process of updating and evolution of the malware.
Malcoders never sleep.
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
I would rather have HMP.A integrated into products than have machine-learning, judging from Cylance.
Most, if not all, AVs already employ machine learning to generate signatures or to identify malware. It's not new. The competition, however, is in how each of the AVs' machine learning algorithms is more effective at giving overall protection.
 
D

Deleted member 178

AI is just a marketing-oriented rebranded advanced heuristic algorithm; common people love the idea of "intelligent" code doing all by itself ; so investors put money on tech that people will buy, hence security vendors just modify their engine to get those investor's cash.

Personally i will put my money on Skynet, and hope it will spare me on Judgement Day because i believed in it ! :D
 

vemn

Level 6
Verified
Malware Hunter
Well-known
Feb 11, 2017
264
Interesting acquisition. With both already on Gartner EPP, i wonder what will happen after their product integration.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top