Cyber-insurance provider Coalition announced today it acquired BinaryEdge, a company that runs a search engine for internet-exposed devices.
Coalition completed the BinaryEdge acquisition in October 2019, Coalition CEO Joshua Motta and BinaryEdge CEO Tiago Henriques told ZDNet this week.
The deal’s terms have not been disclosed.
Coalition plans to integrate BinaryEdge’s internet-wide vulnerability scanning features into its cyber insurance offering, but also intends to keep BinaryEdge running as a self-standing service, as it did until today, and even lower prices going forward.
Integrating BinaryEdge into Coalition’s insurance offerings
The main winners of this acquisition are Coalition’s cyber insurance customers. Motta told ZDNet that since the acquisition completed last year, Coalition has been working on integrating BinaryEdge’s scanning features into its cyber insurance policy offering.
Starting today, all of Coalition’s current and future cyber-insurance customers will have their internet-exposed networks scanned with BinaryEdge and customers will receive security alerts about internet-exposed systems and the vulnerabilities found in each device or server. Included in the alerts will be guidance on how companies can update or mitigate vulnerable systems.
“All Coalition policyholders will receive BineryEdge scans at no cost. This is offered as a service to help Coalition policyholders improve their security posture,” Motta told ZDNet.
“In our experience, security failures occur not because companies are aware of glaring issues and ignore them, but because they don’t know they exist in the first place,” Motta added.
“Ignoring an alert — even a glaring one — would in no way reduce the coverage available under the policy, although it could result in higher premiums upon policy renewal or, in an extreme case, a non-renewal of coverage for a subsequent policy year.”
More than 10,000 Coalition customers stand to benefit from this new offering. BinaryEdge scans of Coalition customer networks will take place around the clock and Motta and Henriques claim they’ll be able to detect and notify companies of vulnerabilities on their internet-exposed networks within hours of exposure.
Keeping BinaryEdge alive and well
But the pressing question on every’s mind is also if BinaryEdge would continue to exist in the form everyone knows it today.
For the past years, BinaryEdge has amassed quite the following and customerbase in the information security (infosec) community, primarily due to high-quality and numerically superior results when it comes to unearthing internet-connected devices through its scans, compared to its competitors.
The BinaryEdge portal has been a cash cow for many security researchers. Some have used it to find unpatched systems across the internet, notified companies, and then received bug bounty rewards for their effort.
Another part of the infosec community — called “data breach hunters” — has used BinaryEdge to find database servers that were left exposed online without proper protection. Similarly, they reported the exposed databases to their respective owners, and some have also received monetary rewards for their efforts.
What happens to BinaryEdge in the long run is important to a lot of the infosec community.
In today’s constantly-moving tech scene, there’s a real reason of concern whenever an acquisition is announced, as companies will often choose to discontinue successful products and embed them into closed and proprietary offerings.
However, this is not the case with Coalition’s BinaryEdge acquisition.
“BinaryEdge will continue to operate as a separate service for the wider infosec community, and one that we hope to make even more accessible,” Motta and Henriques told ZDNet.
“For example, following the acquisition we reduced prices for infosec researchers from $50/month to $10/month. Going forward, it is our aspiration to make the platform totally open, allowing any organization or member of the infosec community to access most features on the platform at no cost,” the two added.
“Outdated approaches to both insurance and security are not working, and it seemed clear that there should be a platform to democratize access to tools that prevent and mitigate loss for organizations, and to help them recover even when their security fails,” they said. “Coalition was founded to do exactly this by combining cybersecurity with insurance, and working with customers before, during and after an incident.”
As for changes to the BinaryEdge staff, Motta has ruled out any major shifts out of the gate.
“It was always as important to acquire the team as it was the technology they’ve built — and we’re proud that the entire team is still at Coalition,” Motta said.
“In fact, we’ve already added another three staff to the team to support our vision to turn BE into an open platform available to all.”