3 min Security

Darktrace makes first acquisition since Thoma Bravo deal: Cado Security

Darktrace makes first acquisition since Thoma Bravo deal: Cado Security

Cambridge (UK)-based Darktrace is buying the Cado Security, headquartered in London. The latter’s offerings will be integrated into Darktrace’s ActiveAI platform after the deal is closed in February. What does this addition of both parties entail?

Cado Security facilitates cyber incident investigation and response with its own solution. It does so with integrations of hyperscalers and security tooling from Wiz and CrowdStrike, among others. The goal is to eliminate blind spots in the IT environment and react quickly and automatically in the event of an incident.

Typically, Cado Security facilitates forensic investigations into cyber threats, but it has also conducted some of its own. For example, in 2023 it tracked down P2Pinfect, which formed a botnet campaign targeting Redis.

Darktrace and Cado: a logical combination

In the crowded cybersecurity landscape, Darktrace subtly characterizes itself differently from many of its competitors. It deals in what it calls Cyber AI, or the use of AI for security purposes. Through integrations, a rich context can be fed into its offering to contextualize threats. One of its tools is a Cyber AI Analyst, which, thanks to adopting Cado’s technology, is presumably going to be more effective at its task.

This is because the core mission of this Analyst fits perfectly with Cado’s offering. Darktrace aims to take work off security teams’ hands by automatically investigating alerts and prioritizing incidents, thus reducing the well-known problem of noise. The Cado platform has the same in mind, emphasizing above all additional speed and reduced costs over traditional security tools.

It also integrates Cado into Darktrace’s ActiveAI platform, which the British firm introduced last April. It has a broad deployment in mind, with coverage for incidents within cloud, email, network, endpoint, identity and OT environments. Here, Cado’s integrations will undoubtedly come in handy to expand its range even further.

Read more: Darktrace introduces ActiveAI Security Platform

Cado can rest on the expertise of its CEO James Campbell and CTO Chris Doman, the company’s 2020 founders. Campbell previously worked as a director at PwC where he founded the Cyber Incident Response service. He also worked for cyber units of the Australian government. His business partner Doman founded the threat intelligence portal ThreatCrowd, later bought by AT&T along with AlienVault Open Threat Exchange.

First deal since Thoma Bravo at the helm

Darktrace has recent experience with acquisitions, specifically because it has been bought itself. Thoma Bravo brought in the British party for $5.32 billion (€4.95 billion) last October. It has previously tried to buy Darktrace, but only on the second attempt was a deal reached. Although this investment company has several security parties in its portfolio, it usually does not merge them. Thoma Bravo also regularly resells companies at a hefty profit, something that may also apply to Darktrace in the future.

Also read: Why Thoma Bravo almost always places the right bets on tech