Skip to main content

Microsoft acquires cybersecurity firm RiskIQ as the threat of ransomware intensifies

Microsoft acquires cybersecurity firm RiskIQ as the threat of ransomware intensifies


Microsoft is trying to tighten up its security

Share this story

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Illustration by Alex Castro / The Verge

Microsoft is officially acquiring RiskIQ, a security software vendor. RiskIQ provides management tools and threat intelligence gathering against a wide range of cyberattacks across Microsoft’s own cloud services, AWS, on-premises servers, and supply chain attacks. While Microsoft hasn’t valued the deal, Bloomberg reported that the company is said to be paying more than $500 million for RiskIQ.

The cloud-based RiskIQ software detects security issues across networks and devices, and the company lists Box, the US Postal Service, BMW, Facebook, and American Express as customers. RiskIQ was originally founded in 2009 and has gradually become an important player in analyzing security threats.

Microsoft hasn’t laid out a detailed plan for how it will integrate RiskIQ into its own security offerings, but it’s bound to utilize RiskIQ’s software across Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel eventually.

“RiskIQ has built a strong customer base and community of security professionals who we will continue to support, nurture, and grow,” says Eric Doerr, vice president of cloud security at Microsoft. “RiskIQ’s technology and team will be a powerful addition to our security portfolio to best serve our mutual customers.”

Microsoft has been gradually growing and improving its security tools amid an intense battle with ransomware. The software maker even acquired ReFirm Labs last month to help protect servers and Internet of Things devices from security attacks. The acquisitions come after months of troublesome ransomware attacks. The Russia-linked REvil ransomware group has been wreaking havoc with ransomware and supply chain attacks in recent weeks, and the security industry is still reeling from a sophisticated SolarWinds hack that breached everything from Microsoft to US government agencies.