Sophos Adds Machine Learning with Invincea Purchase

[Exterminator]

Sophos has announced the intention to acquire Invincea and add machine learning-based predictive malware detection to its portfolio.

A provider of next-generation malware protection, Invincea’s endpoint security portfolio is designed to detect and prevent unknown malware and sophisticated attacks via patented deep learning neural-network algorithms. Its flagship product “X by Invincea” uses deep learning neural networks and behavioral monitoring to detect previously unseen malware and stop attacks before damage occurs, and will be fully integrated into the Sophos endpoint protection portfolio.

The deal is worth around $120 million, including a cash consideration of $100 million with a $20 million earn-out. Invincea CEO Anup Ghosh and COO Norm Laudermilch will join Sophos in key leadership positions. The Invincea endpoint security portfolio will continue to be supported and sold by Invincea and available via Invincea’s network of registered partners.

Invincea Labs, a division of Invincea that has been separately managed and operated since 2012, has been separated prior to the acquisition and is not part of this transaction.

Ghosh said: “Joining forces with Sophos presents the perfect opportunity to take our proven, advanced technology to a global audience and make it part of a comprehensive synchronized security system. Sophos is leading the industry in adopting and bringing to market this disruptive new vision for complete, advanced, and integrated security, and we are delighted to join the team and help make it happen."

“By adding Invincea to our portfolio, Sophos is executing on its vision to assemble the most powerful technologies to provide the very best, cutting-edge defenses for our customers,” commented Kris Hagerman, chief executive officer at Sophos.

“Invincea is leading the market in machine learning-based threat detection with the combination of superior detection rates and minimal false positives. Invincea will strengthen Sophos’ leading next-gen endpoint protection with complementary predictive defenses that we believe will become increasingly important to the future of endpoint protection and allow us to take full advantage of this significant new growth opportunity. We are proud to welcome the Invincea team to Sophos and look forward to introducing the benefits of this advanced technology to our customers and partners worldwide.”

Bob Tarzey, analyst and director at Quocirca, told Infosecurity that the announcement was “interesting”, as Sophos already makes far reaching “next-generation” claims for its endpoint security and gets recognition as a leader in the space, but Invincea must be adding something Sophos does not already have.

“This would appear to mainly be the machine learning,” he said. “So, yes, the acquisition of Invincea sees Sophos gain ground in a race where it was already among the front runners.”

 

[SHvFl]

Hahahaha i knew it. I need a dev that can make me a product that uses some kind of math and has a decent detection and i will make us rich. I am good at marketing.

 

[tim one]

Talking of Machine Learning there is a significant difference between detection of malware and the identification of a static subject or concept.
In the vast majority of the application fields of machine learning (out of antivirus context), the assigned task does not change during the time. With malware everything changes continually, and quickly. This is because cyber criminals are people who have actual and concrete reasons (money, especially).
Malcoders haven't an artificial intelligence; they are opposed in an active manner to security solutions, by modifying intentionally the malware to escape the security model based on machine learning.

For this reason in my opinion, it is necessary to improve continuously the learning mode of the machine; sometimes it is even necessary to restart, even from the beginning, the “learning process”.
It is evident as a security solution not based on a model that also includes other technologies such as BB, code emulation, heuristic analysis, can not prove to be really useful, in the case of a continuous process of updating and evolution of the malware.
Malcoders never sleep.

 

[ForgottenSeer 55778]

I would rather have HMP.A integrated into products than have machine-learning, judging from Cylance.

 

[ForgottenSeer 55474]

Yes,I am on your page Tarian

 

[ForgottenSeer 55778]

Yes,I am on your page Tarian

Was the entire point of acquiring HMP and HMP.A to decrease competition and make sure no one got it first? Not integrating it with Sophos Home is alright but their flagship enterprise shoudl definitely have it.

 

[XhenEd]

I would rather have HMP.A integrated into products than have machine-learning, judging from Cylance.

Most, if not all, AVs already employ machine learning to generate signatures or to identify malware. It's not new. The competition, however, is in how each of the AVs' machine learning algorithms is more effective at giving overall protection.

 

[Deleted member 178]

AI is just a marketing-oriented rebranded advanced heuristic algorithm; common people love the idea of "intelligent" code doing all by itself ; so investors put money on tech that people will buy, hence security vendors just modify their engine to get those investor's cash.

Personally i will put my money on Skynet, and hope it will spare me on Judgement Day because i believed in it !

 

[vemn]

Interesting acquisition. With both already on Gartner EPP, i wonder what will happen after their product integration.