Attack Surface Management , Security Operations

Asset Management Firm Armis Acquires Honeypot Maker CTCI

Deal Between Private Companies Is Worth About $20 Million
Asset Management Firm Armis Acquires Honeypot Maker CTCI
Armis acquired honeypot maker CTCI in a transaction approaching $20 million. (Image: Shutterstock)

Venture-capital owned Armis, a firm that touts its ability to prepare companies for attacks before they materialize, acquired cybersecurity startup CTCI in a transaction approaching $20 million.

See Also: Attack Surface Management Automation: Missteps and Solutions

Armis will merge CTCI employees and technology into its existing Centrix cyber exposure management platform over the next 30 days "to create the most advanced early warning cyber intelligence system in the world," the company said Wednesday. Armis is located in San Francisco, and CTCI is in Beaverton, Oregon.

Armis advertises Centrix as a cloud platform able to manage assets and prioritize vulnerability remediation. CTCI - described by Armis as "an AI-native company" - will boost capabilities such as honeypot deployment and integration of intelligence gleaned from criminal underground forums.

"In the face of continued, escalating cyberthreats, we recognize the importance of preempting an attack," said Armis CEO Yevgeny Dibrov, who co-founded the company in 2015 with CTO Nadir Izrael. Both executives are veterans of Israeli cyber intelligence Unit 8200.

Investing firm Insight Partners - already an early investor - acquired a majority stake in Armis in 2020 in a cash deal that valued the company at $1.1 billion. The transaction included $100 million in participation by Google investment arm CapitalG. As of February 2022, Armis had raised approximately $600 million and said it was worth $3.4 billion.

At this time last year, it said it had surpassed $100 million in annual recurring revenue.

CTCI - or Cyber Threat Cognitive Intelligence - was founded in 2020 by CEO Andrew Grealy and CTO Michael Freeman. One of its offerings is CEWL, or CVE Early Warning List - a catalog of vulnerabilities that threat actors are currently exploiting based on data from AI-configurable honeypots. "It's about what CVE threat actors are using in the world right now and what they're about to use," Grealy told Security Boulevard in 2021.

The CTCI acquisition is Armis' first but may not be its last. Calcalist reported that the asset intelligence vendor is in negotiations to buy Silk Security for tens of millions of dollars.

With reporting from Information Security Media Group's Michael Novinson in Massachusetts.

About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.