eSentire Buys Cybersecurity AI Startup Versive To Boost Threat Hunting
eSentire has purchased AI-based cybersecurity vendor Versive to help correlate and analyze threat data coming in from the network, endpoint and cloud.
The Cambridge, Ontario-based managed detection and response (MDR) vendor said its SOC (security operations center) analysts were able to look across, correlate, and generate alerts around data when MDR focused just on the network, according to eSentire CEO Kerry Bailey.
But with the addition of endpoint data, cloud logs, and user identity data into eSentire's purview, Bailey said continuing to rely just on SOC analysts would be highly labor-intensive. But Bailey said Versive's AI engine should be able to seamlessly examine the data, identify patterns that humans might not have been able to see immediately, and escalate to an analyst when necessary.
[Related: Security Vendor eSentire Lands Ex-HPE Channel Chief Kerry Bailey As CEO In Push To $1B Sales Mark]
This in turn will free up more time for eSentire's SOC employees to focus on the most serious or problematic issues, according to Bailey.
"I think the best use case of AI in the world could be cybersecurity," Bailey told CRN. "It's exciting news for us."
eSentire had looked at three others AI-related deals before settling on Versive thanks to the Seattle-based company's vision, expertise specifically around security, and track record of innovation around artificial intelligence and machine learning, according to Bailey. In fact, the two firms had partnered for the past 18 months to see if Versive's platform could be applied to eSentire's use case, Bailey said.
"Their product really works," Bailey said. "It works in some of the largest enterprises, and it was proven out in some of our proof of concepts."
The company was founded in 2012, employs 50 people, and had raised $57 million in six rounds of outside funding. Virtually all of Versive's employees joined eSentire, with Versive CTO Dustin Hillard becoming CTO of eSentire, where Bailey said he will oversee roughly 100 of eSentire's developers, engineers, and quality assurance workers. Terms of the deal, which closed Oct. 16, weren't disclosed.
Versive had been looking to accelerate the ability to get its technology into market and turn its capabilities around artificial intelligence into actual products and software, according to Hillard. Hillard was most interested in joining a business that was deeply interested in threat hunting, but lacked the ability to do it fully on their own.
"We were taking the next step in growing the company, and this was the [option] that we thought would move us up quickly," Hillard told CRN.
eSentire plans to go to market very quickly with a new product that links Versive to the company's SOC, according to Hillard. From there, Bailey said eSentire will spend three-to-five months working to have customer data and data from all 3,000 of eSentire's sensors around the world pulled back into the framework of the AI platform.
The application of cybersecurity AI should in particular strengthen eSentire's capabilities around high value asset protection and insider threats by making it easier to see traffic that's moving laterally (east-west) within an environment, according to Bailey.
eSentire will begin extending Versive's capabilities to key partners at the start of next month, Bailey said. Versive's technology will enable solution providers to integrate Versive's technology on-premise and become more involved in tuning, setting up, and implementing the MDR environment.
The company has historically worked with mid-market partners and customers, Bailey said, but Versive's strength around large data sets should help eSentire extend into the upper enterprise. eSentire plans to build things out with a couple of larger media and entertainment-focused partners, Bailey said, and then expand its partner push to other verticals upmarket in early 2019.
"The speed at which adversaries are moving into environments in a variety of different landscapes requires full-spectrum visibility," Bailey said.
The Versive acquisition will ensure that eSentire's MDR product continues to evolve and be one of the best in the industry, according to Vinod Paul, COO at New York-based Align, No. 301 on the 2018 CRN Solution Provider 500. Align has been working with eSentire for two years, Paul said, and now counts them as one of their largest cybersecurity vendors.
Align's registered investor clients have been calling for cybersecurity enhancement to help address both increased amounts of regulatory due diligence as well as new, freestanding regulations, Paul said. Acquisitions like Versive are proof that eSentire is continuing to dedicate extensive resources to research and development rather than resting on their laurels, according to Paul.
"Our clients are consistently asking us to be faster, better and smarter," Paul said.