Skip to main content

Rapid7 acquires cloud security startup, DivvyCloud

data security

Rapid7, the innovative cybersecurity and threat analysis organisation, has acquired cloud security specialist, DivvyCloud for $145mn

US-based Rapid7, which powers enterprise security and threat protection through the delivery of analytics and automation technologies, announced its acquisition of DivvyCloud on 28 April. 

It is reported that, under the terms of the agreement, Rapid7 will acquire the startup for a total purchase price of approximately $145mn, subject to adjustments, to be paid in cash and stock. 

Rapid7 and DivvyCloud

DivvyCloud is a cloud security and governance specialist. The company, which was formed in 2009, helps enterprises to take advantage of the benefits of cloud, such as speed and agility, while maintaining security. 

It does this by protecting companies’ cloud and container environments from misconfigurations, policy violations and other threats through the use of automation and real-time automation. 

DivvyCloud provides ‘unified visibility’ that allows customers to monitor and understand the security risks facing their operations. 

By standardising multi-cloud data the company makes cloud security more accessible, and allows for future proofing against new services or technologies being implemented. 

The company provides services to several globally recognised brands, including AWS, Microsoft, Google, Alibaba and Kubernetes. 

According to a report by TechCrunch, Rapid7’s Chief Innovation Officer Lee Weiner said the acquisition will see Rapid7 move more deeply into the cloud. 

Weiner is reported as saying: “DivvyCloud has a fantastic platform that really allows companies the freedom to innovate as they move to the cloud in a way that manages their compliance and security.”


Rapid7 :building excellence in security

Rapid7 is a leader in enterprise security and threat protection. According to the company’s recent 2020 Threat Report, organisations continue to host vulnerable systems that attackers target. 

The Threat Report provides insight on the rapidly evolving threat landscape for businesses, identifying the key threats faced and how they will evolve over the course of 2020. 

It focuses on four key areas to do this: threat telemetry, detection telemetry, recommendations and security programmes. 

On threat telemetry, the company reveals that organisations continue to host internet-exposed, vulnerable systems. 

Accordingly, it recommends the measuring and improvement of the time to deploy patches, particularly to those internet-facing systems.

It also suggests that organisations should improve how external attackers view them particularly with regards to the systems and services that they have available online.  

Key conclusions from the report include: 

  • There is a need for focusing on external footprint.
  • Attackers most commonly exploit a public-facing application or valid accounts. This can be countered by patching, network segmentation and UBA.
  • Organisations should use multiple threat detection methodologies and augment detections and technology with skilled individuals.
  • Close to 80% of breaches detected by Rapid7’s MDR service are malware-related, phishing-related or malicious documents.
  • Proactively deploying mitigating controls based on trends in the threat landscape can reduce the risk of a breach.

Read the full 2020 Threat Report by Rapid7 here

Read our coverage of the Rapid7 2020 Threat Report here.

For more information on all topics for FinTech, please take a look at the latest edition of FinTech magazine.

Follow us on LinkedIn and Twitter.