The sale might be disclosed as soon as the next few days, according to the people, who requested not to be identified because they were speaking about a private transaction. San Francisco-based RiskIQ makes cloud software for detecting security threats, helping clients understand where and how they can be attacked on complex webs of corporate networks and devices, according to one of the people. Microsoft will pay more than $500 million in cash for the company, according to one of the people.
According to the company's website, customers include Facebook Inc., BMW AG, American Express Co., and the United States Postal Service.
RiskIQ, which is known for its yearly security report known as the "Evil Internet Minute," has garnered $83 million from investors such as Summit Partners and Battery Ventures, according to Crunchbase. It was established in 2009.
RiskIQ did not immediately respond to a request for comment, and a spokeswoman for Microsoft declined to comment.To safeguard individual PCs and identify network assaults, Microsoft has been adding security capabilities to products like Windows and its Azure cloud services. Microsoft has also hired people to look for flaws in its own products, assist clients in recovering from cyberattacks, and established a lab dubbed the Microsoft Threat Intelligence Center that keeps tabs on nation-state hackers.
In order to improve its security capabilities, the software company has purchased other companies. Microsoft paid an unknown sum for ReFirm Labs, a provider of technologies to safeguard Internet of Things devices, last month. Microsoft has 3,500 security employees working on a mission to secure consumers "from the chip to the cloud," according to a blog post announcing the purchase.
Microsoft and the rest of the US IT industry, as well as businesses and government organisations, have been dealing with a series of severe and pervasive cyberattacks for the past eight months.
