Machine learning cybersecurity firm Darktrace PLC announced today that it plans to acquire cloud forensics and incident response platform startup Cado Security Ltd. for an undisclosed sum.

Founded in 2020, Cado Security specializes in cloud-native digital forensics and incident response solutions, with a platform that offers “forensic-level details without forensic-level effort” when dealing with incident response in the cloud. The company’s platform leverages the scale, speed and automation of the cloud to expedite forensics and incident response, with support for complex multicloud environments, systems and regions.

The Cado Platform supports automated data collection from multi-cloud environments, including Amazon Web Services Inc., Microsoft Azure and Google Cloud Platform, as well as on-premises systems to allow for rapid analysis and response to cyber incidents.

Cado users can analyze data in minutes with forensic-level detail to understand the full impact of cloud incidents, compared to what once took days with no agents required. The platform can investigate hundreds of data sources across cloud-provider logs, disk, memory and more to automatically surface key incident details, including root cause, compromised roles and assets, and a complete timeline of events, with support for single or multiple investigations at once.

Coming into its acquisition, Cado Security had raised $31.5 million in venture capital funding over three rounds, including a round of $20 million in March 2023. Investors in Cado include Eurazeo S.A.,  Ten Eleven Ventures, Blossom Capital LLP, Cylonlab Ltd. and Enter Ventures S.r.l.

Post acquisition, Darktrace intends to accelerate the growth of Cado’s existing products through investment while also combining Cado’s forensic investigation technology with Darktrace’s existing ActiveAI Security Platform. The combination of the tech from the two companies will enhance data collection across multiple cloud environments to better defend customers’ operations.

“The addition of Cado’s deep expertise in cloud-based data collection and forensics will enhance our ability to protect customers, ensuring they can operate securely and confidently across all areas of their business,” Jill Popelka, chief executive officer of Darktrace, commented on the deal. “Together, Darktrace and Cado will help customers quickly and effectively prevent and deter cyber threats, maintaining resilience in a fast-evolving threat landscape.”

The deal is also notable as it’s the first acquisition Darktrace has made since it was acquired on Oct. 1 by Thoma Bravo for $5.3 billion. The deal to acquire Darktrace had previously been announced in April.

Nicole Carignan, vice president of strategic cyber AI at Darktrace, spoke with theCUBE, SiliconANGLE Media’s livestreaming studio, in August to discuss how Darktrace is using AI to spot abnormalities through boosting incident detection, cyber resilience and threat vulnerability prioritization:

Image: Cado Security