View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
June 7, 2022updated 05 Aug 2022 11:01am

IBM buys Randori as cloud cybersecurity battle intensifies

Big Blue's latest purchase reflects that security is increasingly seen as a key battleground in the cloud wars.

By Matthew Gooding

IBM is beefing up its cybersecurity offering with the acquisition of Randori, an attack surface management (ASM) and offensive cybersecurity provider. Big Blue says its latest purchase will boost the security tools on offer to users of its hybrid cloud services, and the deal signifies the growing importance of security as a differentiator in the battle for cloud computing supremacy.

IBM Randori
IBM’s security centre in Boston, Mass. The company has announced the acquisition of security vendor Randori (Pic: IBM)

The deal, announced overnight, will see Boston-based Randori’s attack surface management software integrated into IBM’s Security QRadar software. Financial terms of the acquisition have not been disclosed, but it is expected to close in the next few months.

“Our clients today are faced with managing a complex technology landscape of accelerating cyberattacks targeted at applications running across a variety of hybrid cloud environments – from public clouds, private clouds and on-premises,” said Mary O’Brien, general manager at IBM Security. “In this environment, it is essential for organisations to arm themselves with attacker’s perspective in order to help find their most critical blind spots and focus their efforts on areas that will minimize business disruption and damages to revenue and reputation.”

What does Randori do?

Billing itself as a hacker-led company, Randori was founded in 2018 and has raised $30m since its inception. Its cloud-native ASM software works by exploring a client’s system and mapping the potential attack surface for cyber criminals, prioritising potential vulnerabilities. The company says can help tech teams identify shadow IT risks and potential entry points for ransomware.

This is apparently a growing problem, and IBM points to research published in January which found that 67% of organisations have seen their external attack surface expand over the past two years due to the rising use of cloud services, third-party software, IoT devices and cyber physical systems. Indeed, 69% of respondents to the poll, carried out by consultancy ESG, said they had been “compromised via unknown, unmanaged and poorly-managed internet-facing assets” in the past year.

“To stay ahead of today’s threats, you need to know what’s exposed and how attackers view your environment,” said Brian Hazzard, co-founder and CEO at Randori. “By joining forces with IBM, we can greatly accelerate our vision and strategy – leveraging IBM’s deep expertise in AI, threat intelligence, offensive security and global reach.

“Together, we can arm the industry with the attacker’s perspective – helping to give every organisation the visibility and insight needed to get in front of the next wave of attacks.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Cloud computing giants on a cybersecurity spending spree

The acquisition is IBM’s fourth of 2022 as it continues to build its cloud capabilities to match its stated strategy of growing the company’s revenues through what it describes as hybrid-cloud services. It says it can help customers manage workloads deployed on multiple public and private clouds, as well as on-premises systems.

It faces an uphill struggle to win business in the cloud market, which is dominated by the three hyperscale public cloud providers – Amazon’s AWS, Microsoft Azure and Google Cloud. But security is increasingly being seen as a key component in this market, with many of the leading players looking to improve their offerings.

Google Cloud has been particularly active in this respect. In December it purchased Israeli security business Siemplify for $500m, and is in the process of acquiring security vendor Mandiant for $5.4bn, a deal where it reportedly saw off competition from Microsoft. While AWS has been less active, CEO Adam Selipsky said in an interview with Bloomberg in April that the company is looking to make acquisitions, with security one area where it could strengthen its portfolio.

Tech Monitor is hosting the Tech Leaders Club on 15 September. Find out more on

Read more: IBM-backed blockchain tech platform shuts down

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.