UK cybersecurity firm Darktrace has agreed to acquire Cado Security, a provider of cyber investigation and response solutions tailored for hybrid and multi-cloud environments. In so doing, Darktrace aims to advance its cloud security capabilities as organisations increasingly migrate to cloud platforms and SaaS solutions to underpin their operations.
Cado Security specialises in the provision of automated incident response and forensic investigations across diverse environments, including cloud, serverless, and containerised systems. Its technology is designed to streamline complex investigations, reducing response times and enabling cybersecurity teams to address threats more effectively. In addition, Cado Security’s ability to work across multi-cloud and on-premises systems has seemingly positioned it as an attractive addition to Darktrace’s own portfolio.
Expanding incident response capabilities
Darktrace intends to invest in scaling Cado Security’s existing solutions while integrating its forensic technology into the Darktrace ActiveAI Security Platform. This integration, said the former, is expected to enhance data collection and investigation processes, providing more comprehensive insights into cyber threats. Additionally, the enriched data sets from Cado’s technology will augment Darktrace’s Cyber AI Analyst, an AI-powered tool that investigates alerts, prioritises incidents, and reduces alert fatigue for cybersecurity teams.
“The addition of Cado’s deep expertise in cloud-based data collection and forensics will enhance our ability to protect customers, ensuring they can operate securely and confidently across all areas of their business”, said Darktrace CEO Jill Popelka.
Cado Security was founded by James Campbell and Chris Doman, who bring extensive expertise in cybersecurity and threat intelligence. Campbell previously led Australia’s National Incident Response capability at the Australian Signals Directorate, while Doman is known for developing the ThreatCrowd platform, later integrated into the AlienVault Open Threat Exchange and acquired by AT&T.
“Darktrace is an excellent fit for Cado, providing an opportunity for growth and innovation while allowing our team to advance their careers within a dynamic company deeply committed to R&D and to protecting its customers from growing cyber threats,” said Campbell. “Our technologies build on each other’s strengths, and we are incredibly excited to work with the Darktrace team to continue to elevate AI-driven cybersecurity capabilities for our combined global customer base.”
The deal, which awaits regulatory approval, is expected to close in February. While the financial details of the acquisition have not been officially disclosed, reports suggest the transaction could be valued between $50m and $100m. Upon the completion of the deal, the Cado Security team, including its research and development (R&D) staff in London and Bristol, will join Darktrace’s R&D hubs in Cambridge and The Hague. This collaboration aims to drive innovation in cloud detection and response capabilities, aligning with Darktrace’s vision for proactive cyber resilience.
This acquisition follows a period of significant growth for Darktrace, which was acquired by software investment firm Thoma Bravo for $5.3bn in October 2024. The move underscores the company’s commitment to expanding its research, development, and AI-driven solutions to address an evolving cyber threat landscape. Darktrace’s recent advancements include the launch of its Darktrace/CLOUD platform for AWS in 2023 and its expansion to Microsoft Azure in 2024.
Read more: Darktrace revenue up 31% as ‘age of AI cyberattacks’ arrives
