Blue Hexagon Platform to Identify, Mitigate Zero-Day Vulnerabilities, Unknown Risk
Qualys has purchased a startup founded by longtime Qualcomm technology leaders to better detect supply chain infections, crypto miners and unauthorized activity in the cloud.
The Silicon Valley-based cloud security vendor says its acquisition of fellow Silicon Valley firm Blue Hexagon will allow customers to detect vulnerabilities that are being actively exploited, identify advanced network threats and implement adaptive risk mitigation across all assets and applications. The company’s cloud threat detection and response offering is aimed at helping enterprises adopt public cloud securely, Qualys says (see: Sumedh Thakar on Fusing Vulnerability and Patch Management).
“With our data and their technology, we feel like we can bring some comprehensive visibility and insight for customers by going through the data within the pipelines,” Qualys President and CEO Sumedh Thakar tells Information Security Media Group.
Making the Unknown Known
Blue Hexagon uses artificial intelligence and machine learning to identify and mitigate zero-day vulnerabilities and unknown risk, and its cloud threat detection tool will continue to be offered to existing customers on a stand-alone basis, Thakar says. But he is primarily focused on embedding those capabilities within Qualys’ existing vulnerability management, XDR and EDR offerings.
It typically takes Qualys a year to integrate acquisitions in a meaningful way, Thakar says, but the plan is to integrate Blue Hexagon’s telemetry fully within Qualys’ existing user interface, so that customers do not have to work across multiple consoles. This new vulnerability management tool will help customers see what’s being actively exploited in their own environment.
When it comes to EDR, Thakar says Blue Hexagon’s machine learning can be used to build a baseline model of an asset and determine if there is anomalous behavior taking place on an endpoint. And for XDR, Thakar says, the technology can help facilitate third-party integrations and deliver insights and analysis into more than just static rules that have been pre-created by customers.
“The technology that they have is going to be applicable to all sizes of customers, because it’s really helping identify anomalous behavior in their environment in the cloud,” Thakar says.
Blue Hexagon helps customers augment their existing vulnerability management and patching programs by identifying active exploitation of vulnerabilities, including ones that might not be publicly known, he says. By monitoring the normal state of machines on a regular basis, Thakar says Blue Hexagon can help with identifying unusual patterns in large sets of data (see: New Qualys CEO Tackles Cybersecurity Asset Management).
“Today, CISOs are able to mitigate known risk with Qualys,” Thakar says. “Really, the focus here with Blue Hexagon is to help identify and mitigate unknown risk. So that gives CISOs a fuller risk mitigation platform with Qualys rather than just a vulnerability scanner.”
From Qualcomm to Qualys
Blue Hexagon was founded in 2017, employs 22 people and has raised $37 million in two rounds of outside funding, according to LinkedIn and Crunchbase. All Blue Hexagon workers have joined Qualys, Thakar says. Terms of the acquisition, which closed Tuesday, weren’t disclosed. Qualys’ stock was up $2.09, or 1.46%, to $145.14 per share in trading Tuesday, which is the highest the stock has traded since Sept. 21.
The company was co-founded by Qualcomm Research Silicon Valley founder Nayeem Islam and Qualcomm Security Software Group Manager Saumitra Das, who became Blue Hexagon’s CEO and CTO, respectively. Islam will become vice president of product management for Qualys’ threat protection platform, according to Thakar.
“Our deep learning-based network detection and response products augment Qualys’ massive security data lake with network data and deep learning, enabling enhanced security risk assessment and detection,” Islam says in a statement.
This is Qualys’ sixth acquisition since being founded 23 years ago. The company in August acquired TotalCloud for $1.2 million to better assess clients’ security and compliance posture. In July 2020, Qualys moved into the endpoint detection and response market through its $1.5 million buy of Spell Security to boost its endpoint behavior detection, threat hunting and malware research skills.
Eighteen months earlier, the company purchased Adya for $1 million to help businesses consolidate administration of their SaaS applications. In October 2018, the company bought Layered Insight for $13.4 million to deliver visibility into applications running inside containers. And in April 2018, Qualys bought 1Mobility for $4 million to assess the security of all Android, iOS and Windows Mobile devices.