Sumo Logic has purchased Security Orchestration, Automation and Response (SOAR) provider DFLabs to accelerate threat detection, analysis, incident response and forensic investigations.
The Redwood City, Calif.-based SaaS machine data analytics company said the SOAR offering from Milan, Italy-based DFLabs helps modern security operations center more effectively automate, orchestrate and measure security operations and incident response processes and tasks. Customers can see as much as a 10x improvement in security operations productivity when implementing the DFLabs SOAR offering, Sumo Logic said.
“The DFLabs team are experts in helping customers navigate this new world,” Greg Martin, VP and general manager of Sumo Logic’s security business unit, said in a statement. “By aligning our cyber security expertise, customer validated and leading security portfolios, we believe we will be able to address the critical challenges our customers face as they navigate this changing threat landscape.”
Terms of the deal, which is expected to close in the fiscal quarter ending July 31, were not disclosed. Sumo Logic’s stock is down $1.95 (7.57 percent) in after-hours trading Wednesday to $23.80 per share, which is the lowest the company’s stock has traded since Nov. 25, 2020. The company also announced a 22 percent increase in revenue to $54.2 million, while net loss improved by 40 percent to $20.6 million.
DFLabs was founded in 2004, employs 55 people, and has raised $9 million in two rounds of outside funding, according to LinkedIn and Crunchbase. CEO Dario Forte and the entire DFLabs team will join Sumo Logic’s security business unit, bolstering the company’s global engineering and cybersecurity domain expertise.
“The team at DFLabs deeply understands the challenges facing the modern security perimeter, and we’ve purpose built our SOAR to help them dramatically improve their productivity,” Forte said in a statement. “Joining Sumo Logic will be an exciting next step for all of us, as the value we believe we can provide together is very clearly understood.”
Sumo Logic said it plans to launch its own SOAR tool shortly after the DFLabs deal closes. The new tool will link upstream emerging DevSecOps models with downstream SOC workflows, which Sumo Logic said will close the loop for adaptive cloud scale defense. The Sumo Logic security intelligence suite includes security analytics, security compliance, and Security Information and Event Management (SIEM).
The combined Sumo Logic-DFLabs offering will accelerate visibility, providing faster context across users, networks, devices, alerts, cloud services and applications while prioritizing the information needed to speed response times. Meanwhile, Sumo Logic said automatically created insights will alleviate manual triage efforts and trigger playbooks to automatically start the investigation and resolution workflow.
The joint offering will automate containment and remediate attacks quickly while establishing repeatable incident response workflows, allowing analysts to save time and focus on real threats. Finally, the combined product set will enable human-in-the-loop decision making so that analysts can perform high-value risk reduction activities like threat hunting, response, and remediation.
“We believe the proposed acquisition will strengthen Sumo’s ability to address the challenges of development, operations and security teams from a single continuous intelligence platform,” Martin wrote in a blog post Wednesday.
This is the third acquisition in Sumo Logic’s 12-year history. The company has taken advantage of M&A to strengthen its position in security, purchasing FactorChain in January 2018 to build out the company’s version of a cloud SIEM platform and acquiring cybersecurity intelligence vendor Jask Labs for $55.1 million in October 2019 to protect modern applications, architectures and multi-cloud infrastructure.
SOAR has been a popular acquisition target in recent years, with Palo Alto Networks purchasing Demisto for $560 million in March 2019 to leverage artificial intelligence and machine learning to automate large parts of customers‘ security operations. Then in December 2019, Fortinet bought CyberSponse for $26.1 million to make security operations teams more efficient and bolster incident response.