Category Sponsorship Banner Left

Category Sponsorship Banner Right

Category Sponsorship Banner Middle

Wednesday, 04 August 2021 12:35

Sophos acquires Refactr

Sophos chief technology officer Joe Levy Sophos chief technology officer Joe Levy

British security software and hardware company Sophos has acquired tech startup Refactr. Sophos is optimising Refactr’s DevSecOps automation platform with its Security Orchestration Automation and Response capabilities to ensure better protection.

Sophos has acquired Refactr, a startup which develops and markets versatile DevSecOps automation platform that bridges the gap between DevOps and cybersecurity.

Refactr launched in 2017 and is privately held. It is based in Bellevue, Washington.

As DevOps and security teams continue to adopt IT-as-Code approaches to managing their environments, Refactr’s ability to automate any of these processes enables teams to scale.

DevOps teams can augment existing continuous integration, continuous delivery and continuous deployment (CI/CD) workflows, and cybersecurity teams can leverage the platform’s visual drag and drop builder on the Refactr platform.

Sophos optimises Refactr’s DevSecOps automation platform to add Security Orchestration Automation and Response (SOAR) capabilities to its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions.

The SOAR capabilities will also help automate Sophos’ Adaptive Cybersecurity Ecosystem, which supports Sophos’ product solutions, services, threat intelligence, and data lake.

According to the Market Guide for Security Orchestration, Automation and Response Solutions, a study conducted by global research and advisory company Gartner,
the security technology market, in general, is in a state of overload, with pressure on budgets, staff shortages, and too many point solutions.

The study added customers often cite problems with an overload of events or alerts, complexity, and duplication of tools. As a general practice, automation promises to solve many of these problems and, in cybersecurity, SOAR is the primary vehicle for this functionality.

In another Gartner study titled SOAR: Assessing Readiness Through Use-Case Analysis, the proposed use cases for SOAR include everything from the automation of rote SOC tasks to the streamlining of niche and complex workflows.

The study says that with appropriate preparation, the commitment of the right skills and resources, and careful use-case-centric planning, SOAR can deliver on the promises of reduced event overload, increased detection accuracy, team scalability, reduced time to detection and overall better security operations.”

Sophos’ Active Adversary Playbook 2021 has identified correlations among the top five tools used by adversaries that IT administrators and security professionals use in their everyday tasks.

The report revealed that 37 attack groups used more than 400 different tools between them.

The median attacker dwell time before detection was 11 days, providing attackers with up to 264 hours for malicious activity—from lateral movement, reconnaissance, credential dumping, and data exfiltration.

Sophos recommends early detection and response through automation can help minimise these statistics and improve security against attackers.

“We’re now witnessing an evolution where more and more businesses are becoming software companies, and our security solutions need to evolve in parallel,” explains Sophos chief technology officer Joe Levy. “As we’ve seen in recent supply-chain incidents, attackers are increasingly targeting software development pipelines, and defenders need the ability to shift further left of attackers.

Levy says the industry needs SOAR to mature into a more capable and generalisable DevSecOps solutions.

"With Refactr, Sophos will fast track the integration of such advanced SOAR capabilities into our adaptive cybersecurity ecosystem, the basis for our XDR product and MTR service,” says Levy.

“We will provide a full spectrum of automated playbooks for our customers and partners, from drag-and-drop to fully programmable, along with broad integrations with third-party solutions through our technology alliances program to work with today’s diverse IT environments.”

Sophos says it will continue to develop and offer Refactr’s platform to their existing and growing base of partners and organisations that want to build customised IT and security automations for themselves and for their customers.

Refactr’s Community Edition will also be available.

“We created the Refactr platform so that every organisation can deliver effective DevSecOps through holistic security-first automation,” attests Refactr CEO and co-founder Michael Fraser. Cybersecurity teams can now collaborate with DevOps to easily build complicated IT automation and security integrations through DevSecOps pipelines.

“We want cybersecurity use cases like SOAR, XDR, compliance, cloud security, and Identity and Access Management (IAM) become building blocks for DevSecOps solutions," says Fraser. "We are already seeing success in providing organisations our emerging technology, including the Centre for Internet Security and the US Air Force. We are excited for the next part of our journey with Sophos to help create a more secure world through DevSecOps.”

Refactr’s entire team of team of developers and engineers have joined Sophos. In addition to the continued offering of the Refactr platform, Sophos plans to begin offering SOAR options by early 2022.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Kenn Anthony Mendoza

Kenn Anthony Mendoza is the newest member of the iTWire team. Kenn is also a contributing writer for South China Morning Post Style, and has written stories on Korean entertainment, Asian and European royalty, Millionaires and Billionaires, and LGBTQIA+ issues. He has been published in Philippine newspapers, magazines, and online sites: Tatler PhilippinesManila BulletinCNN Philippines LifePhilippine StarManila Times, and The Daily Tribune. Kenn now covers all aspects of technology news for

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News