Amazon Web Services acquires threat detection startup Sqrrl

By on
Amazon Web Services acquires threat detection startup Sqrrl

Amazon Web Services has given its new threat detection service a shot in the arm by purchasing cybersecurity software company Sqrrl.

Sqrrl's advanced threat hunting capabilities are expected to align well with Amazon GuardDuty, an intelligent threat detection service Amazon launched in November focused on protecting AWS accounts and workloads.

"We will be joining the Amazon Web Services family, and we're looking forward to working together on customer offerings for the future," Mark Terenzoni, Sqrrl's CEO, said in a statement posted to the company's website. "Over time, we'll work with AWS to do even more on your behalf."

AWS and Sqrrl didn't immediately respond to requests for additional comment. Terms of the deal were not disclosed, though Axios reported in December that the purchase price was expected to be just over US$40 million. Amazon's stock is up US$6.06 to US$1,368.60 per share in pre-market trading Wednesday.

Beefing up Amazon's security portfolio should help solution providers with overcoming one of the most common objections to public cloud migration.

Sqrrl was founded in 2012 by ex-NSA employees, and currently employs 55 people. The company has raised US$26.5 million in four rounds of funding, according to Crunchbase, capped off by a US$12.3 million Series C round in June led by Spring Lake Equity Partners. 

The company analyses big data to hunt cyberthreats, helping companies identify and address them faster. Sqrrl utilises linked data, machine learning, user and entity behavior analytics, risk scoring, and big data technologies to uncover malicious patterns and anomalies hidden within security data sets, according to the company.

Amazon GuardDuty, meanwhile, uses both AWS-developed threat intelligence and industry-leading third-party sources to identify events that fall outside the normal patterns of activity. Customers using GuardDuty from the get-go include GE, Netflix, Autodesk, Twillo, Webroot and Mapbox, Amazon said.

Sqrrl works with an array of distributors, VARs, consultants, systems integrators and MSSPs to get its offering into the hands of more end customers. Sqrrl gives its VAR, consulting and systems integrator partners marketing and technical training, with the company providing necessary technical support for end users.  

MSSPs, meanwhile, offer Sqrrl's threat hunting and incident investigation as a managed service hosted either in the MSSP's or end user's ecosystem, according to the company's website. The company said it provides its MSSPs with the technical and sales training needed to effectively market and deliver Sqrrl.   

Consulting giant Deloitte said in November that it would be leveraging Sqrrl's threat hunting platform in Europe, the Middle East and Africa to identify compromises and threat actors in its customers' IT environments as part of an as-a-service offering.  

Sqrrl also conducts tight technical integrations of the product to those of its OEM technology partners, which include Amazon, Carbon Black, Dell, Hewlett Packard Enterprise, IBM, Nutanix and Splunk. These integrated offerings allow OEMs to bolster their threat hunting, incident investigation and user and entity behavior analytics capabilities, according to Sqrrl. 

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?