Sophos Acquires Capsule8, Adding Linux Security to ACE

Linux has become the dominant operating system for server workloads.

Edward Gately, Senior News Editor

July 8, 2021

3 Min Read
Word Linux on a digital background

Sophos has acquired Capsule8 to bring Linux server and cloud container security to its Adaptive Cybersecurity Ecosystem (ACE).

Capsule8 provides runtime visibility, detection and response for Linux production servers and containers covering on-premises and cloud workloads. Linux has become the dominant operating system for server workloads.

Adversaries use compromised Linux servers as cryptomining botnets or as a high-end infrastructure for launching attacks on other platforms. Those attacks include hosting malicious websites or sending malicious emails. Given that Linux servers often hold valuable data, attackers also target them for data theft and ransomware.

The Sophos ACE platform leverages automation and human operators to help businesses stay ahead of attackers.

Keep up with the latest channel-impacting mergers and acquisitions in our M&A roundup.

Sophos will also feature Capsule8 technology in its extended detection and response (XDR) solutions, Intercept X server protection products, and Sophos Managed Threat Response (MTR) and Rapid Response services.

Sophos expects to begin early access programs with its products and services leveraging the Capsule8 technology later this fiscal year.

Capsule8’s design is ideal for Linux servers, especially those used for high-scale workloads, production infrastructure and storing critical business data, Sophos said. It didn’t say how much it paid for Capsule8.

Additional Partner Sales Opportunities

Dan Schiappa is Sophos’ chief product officer.


Sophos’ Dan Schiappa

“Sophos’ acquisition of Capsule8 is important for partners because it means they can additionally target customers that are looking for a high-performance, low-impact Linux offering for high-value workloads,” he said. “Partners can also sell to customers who want a single vendor for both end-user compute and server workloads across both Windows and Linux. With the types of targeted Linux attacks and massive migration to the cloud, organizations need the type of protection and detection Capsule8 will bring to Sophos’ ACE, and portfolio of products and services. This means having security across all platforms, and they are constantly sharing intelligence to prevent cyberattacks.”

This acquisition gives Sophos and its partners a competitive advantage, Schiappa said. That’s because Sophos is now “one of the only vendors that can provide this level of defense-in-depth that adds much needed Linux server security with a complete portfolio of end-to-end solutions, and managed detection and response services.”

“Attackers are changing and moving so quickly, as seen with the recent Kaseya ransomware attack, that all types of businesses need to make security a priority regardless of size, type and operating platform,” he said.

Customers’ Evolving Needs

The Sophos and Capsule8 acquisition helps partners better meet customers’ evolving cybersecurity needs, Schiappa said.

“This is due to the base that Sophos already has in place with its Intercept X, Intercept X for Windows Server Protection, XDR solutions, data lake, new Sophos Firewall, and Managed Threat Response and Rapid Response,” he said. “The industry as a whole needs stronger Linux security, and Capsule8 specializes in this technology. As cyberattackers up their game, so too are security vendors, and with Capsule8 we are further advancing defenses.”

Capsule8 partners will have the benefit of working with a “world-class, channel-first global cybersecurity leader,” Schiappa said.

“Training, education, threat intelligence from our SophosLabs and managed threat response teams, an advanced next-gen portfolio, including Intercept X, all of these things that make Sophos a leader will be in the hands of Capsule8’s partners to help them better protect existing customers and generate new ones,” he said.

John Viega is Capsule8’s CEO.

“We provide security teams with the crucial visibility they need to protect Linux production infrastructure against unwanted behavior, while at the same time addressing cost, performance and reliability concerns,” he said. “We’ve innovated new approaches to deliver runtime security in a much safer and more cost-effective way than anyone else in the industry. With Capsule8’s technology, organizations are no longer forced to choose between system stability and security risk. Given the growth and mission-critical nature of Linux environments, and the fast-changing, targeted threat landscape, organizations must be confident that their Linux environments are both performant and secure.”

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like