Sophos acquires MDR services firm Rook Security

Sophos acquires MDR services firm Rook Security

Combines offers with recently acquired DarkBytes platform

Joe Levy (Sophos)

Joe Levy (Sophos)

Credit: Sophos

Sophos has made its third acquisition in the space of six months with the purchase of managed detection and response (MDR) provider Rook Security.

The UK-based security vendor said it intends to create a re-sellable MDR service by combining Rook Security’s threat detection, investigation and response capabilities DarkBytes technology platform, which it bought in February.

According to Sophos, the combined solution will become available to its 47,000-strong global channel partner network.

The vendor also intends to combine its own security technology and product portfolio with Rook Security’s 24/7 “cyber hunter” services for its channel partners and MDR customers.

The company currently does not have a sales presence in Australia and New Zealand.

“Cyber criminals are relentlessly trying to exploit organisations with techniques ranging from tried-and-true phishing emails to the more recent trend of ‘hacker pen-testing’ to find weaknesses in their surface area,” said Joe Levy, chief technology officer at Sophos.

“As a result, businesses need 24/7 monitoring and management of what is happening on their network, yet many of them do not have the expertise, can’t keep up or don’t have the security teams in-house to optimally configure and manage security around-the-clock.”

Founded in 2008 by JJ Thompson and headquartered in the US, Rook Security offers solutions ranging from MDRs, advisory services and the security operations management platform. Thompson, also Rook's CEO, and his team will all join Sophos, Levy said in a company blog post.

“We are excited to bring our experts and service delivery innovation to Sophos, a global leader in next-generation cybersecurity,” Thompson added. “Together, we can implement faster, more effective threat detection and response capabilities to better protect businesses.”

As well as Rook and DarkBytes, Sophos also acquired San Francisco-based security start-up Avid Secure in an effort to boost its public cloud offerings.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags sophosUKjoe levyDarkBytesRook SecurityJJ ThompsonMDR



Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Brand Post

Show Comments