Ivanti strengthens patch management with RiskSense acquisition

RiskSense adds risk-based prioritization drawn from a red team attacker’s perspective to complement the existing Ivanti technology and provide a more well-founded solution.

Ivanti, which has built out an automation platform that provides IT service management, unified endpoint management, and security, largely through acquisitions, has announced the strengthening of its patch management capabilities through another acquisition. Ivanti has acquired Sunnyvale, CA-based RiskSense, a pioneer in risk-based and priority-based vulnerability management. Terms of the deal were not disclosed.

Ivanti already had substantial patch management capabilities through both their LANDesk and Shavlik technologies, so the addition of the RiskSense technology represents an enhancement of existing capabilities, not a net-new addition.

“Ivanti is one of the world’s largest patch management vendors, and it is widely used as an engine today,” said Srinivas Mukkamala, RiskSense’s CEO. “The problem now is that there are too many vulnerabilities to patch, and thus too much downtime. RiskSense looks at patches that are tied to vulnerabilities that have known exploits with ties to APTs and state-sponsored threats, to prioritize the vulnerabilities to remediate first.”

Mukkamala, one of RiskSense’s co-founders, was one of the builders of a machine learning program for cybersecurity under the Clinton administration.

“We looked at the digital assets of the U.S., both from an offensive and a defensive perspective, to identify vulnerabilities and which exploits to work on,” he said. “The key is risk-based prioritization, identifying weaknesses and weaponizing vulnerabilities. With RiskSense, we help the end customer identify where and why to focus. The why matters, and few can tell that, without the contextual perspective that we provide. RiskSense takes that knowledge and experience, and makes it more broadly available to the commercial world.”

Mukkamala said that this perspective is relatively unique. Kenna, which was just acquired by Cisco, is close, but they come at it from a different perspective.

“They come from a world of operations excellence,” he stated. “We think like a bad guy, while they come from a defense perspective.”

Like Kenna, Ivanti’s patch management has also been focused on the defense.

“We have been working with Ivanti for nine months now, and we have found that we have two personas. Ivanti focuses on IT and ops teams. RiskSense’s customers are security folks. Bringing them together is the best of two worlds, creating a disruptive force that will come into the market.”

Mukkamala said that coming together with another company made sense for them because the one thing they did not have was good fidelity on patch data.

“We looked at vendors we should partner with for this, and we found that Ivanti and BigFix were the two who had the best data. However, under the covers, we found that Ivanti had better data quality. So we approached them to partner with them to get their patch data. Then Ivanti started expanding, with their other acquisitions last year, and that gave me the comfort that this is a great convergence play.”

While it is early days, Mukkamala said that four go-to-market strategies are being worked out.

“One is that it will be rolled into the Ivanti platform as part of patch intelligence, so that every existing Ivanti patch customer will get more value add,” he noted. “The second is that all RiskSense customers will be sold to as before, with what is presented as a risk-based vulnerability management solution. The convergence piece with OEMs is the third piece, and the fourth piece is channel, including MSSPs and GSIs, especially those getting into vulnerability management as a service. This is a great opportunity to the channel to bring a vetted solution, that provides real value rather than fluff to customers. Everyone deals with ransomware and cyberattacks, and with Ivanti we will bring a disruptive solution at an affordable cost.”

RiskSense joins Ivanti with a channel of its own. While Ivanti initially absorbed the channels of acquired companies pretty much intact, in 2020 they concluded that policy had been a mistake, leaving them with too many partners, many of whom were not strong, and made changes both to reduce the number of partners and consolidate renewals. Mukkamala does not anticipate their channel will need to be pruned, however.

“We were very selective as a startup in onboarding our channel, and made sure it was very high quality and high value,” he said. “That rigor that we went through allowed us to find the right partners. We will continue to have a dialogue with Ivanti, and will make sure we do the right thing for the ecosystem.”