Kaspersky acquires Brain4Net to supercharge SASE and XDR strategies

Brain4Net makes an open API platform built on their SD-WAN, which Kaspersky has added into Kaspersky Open Single Management Platform, and whose easy integration capabilities they will leverage to build out their SASE and XDR offerings.

Cybersecurity vendor Kaspersky has acquired Brain4Net, a late-stage startup headquartered in Moscow. Brain4Net has developed an open SD-WAN solution with NFV [Network Functions Virtualization] capability which forms the foundation of a SASE solution. Kaspersky intends to use Brain4Net’s technology and talent to build out their own SASE and XDR offerings.

A big part of this is Brain4Net’s open platform, which now becomes a part of Kaspersky Open Single Management Platform.

Ivan Vassunov, VP Corporate Product Management at Kaspersky

“These guys only built their SD-WAN initially as a core of a future SASE platform,” said Ivan Vassunov, VP Corporate Product Management at Kaspersky. “They are integrating the security functions for that with Open API – so its an Open Platform The market is moving to SASE, but to take advantage of that, the old school hardware vendors had to completely rebuild their network security functions. The Brain4Net platform, on the other hand, was created to bring in security functions from everywhere in the room, so it was very easy to integrate. We did it in a few days with Secure Web Gateway.”

Vassunov said that the strength of Brain4Net’s platform does not lie in its making any technology breakthroughs beyond the open architecture itself.

“It’s not new technology, but just doing it right,” he stated. “Old school vendors creating a platform from scratch would do it in the same way.”

Kaspersky sees the acquisition of Brain4Net’s technology as driving its long-term strategy.

“This was a 100% strategic decision,” said Sergey Martsynkyan, VP Corporate Product Marketing Manager at Kaspersky. “A few years ago, we defined our strategy as cloud open XDR platform. We tried to understand what was missing,  and we decided we needed SASE as part of the solution. So we spent  a lot of time assessing different technologies.”

“We understood that because more security incidents are happening in the cloud, we needed visibility in cloud to correlate with the network and endpoint events to give more insights,” Vassunov said. “But we didn’t want a standalone network security offering. We needed to integrate it into our XDR. We looked at who was on the market, and did several evaluations, mostly in Europe. We liked the maturity of the Brain4Net solution and the ability of the development team to execute the roadmap. If we had looked at SASE vendors who had everything already integrate it would have cost a lot more.”

While Brain4Net formerly had a U.S. office, they are no longer selling in North America, and they are not well known here.

Sergey Martsynkyan, VP Corporate Product Marketing Manager at Kaspersky

“They have a stronger presence in eastern Europe,” Martsynkyan said. “They don’t have a lot of customers in North America. They have worked with big enterprises and MSSPs. We can use our partner channel to sell their solution with our XDR platform – and it gives us access to big enterprise customers. It will also help us to sell more through MSSPs, as more and more customers want those services.”

The first priority will be to bring a completely new SASE offering to the market as part of a unified platform, which will combine Kaspersky’s security offerings with Brain4Net’s network orchestration and control capabilities.

“The plan is to close the gaps in a Zero Trust approach, with a bundle with Firewall-as-a-service and Secure Web Gateway within a year,” Vassunov said. We will then add in Zero Trust Network Access and CASB, to provide a full SASE from Kaspersky, although we will be very open to integrations with third party vendors.”

They will also integrate their existing EDR and the new SASE inside a new XDR platform.

“We expect ease of integration here because of the openness of breadth of the SD- WAN platform,” Vassunov stated. “It can be accomplished easier compared to other vendors, who build their XDR with third party acquisitions.

“The XDR will have embedded playbooks, a cloud data lake, and the evolution of the same cloud-native management platform into XDR,” Vassunov added. “The first goal will be to put in our own portfolio, with our OSMP platform, including EDR, threat intelligence, and MDR. There will also be a cloud sandbox. Next year, we will provide a complete XDR including an incident response platform,response playbooks and third party integration.”

The SASE and XDR solutions will be aimed at enterprise and midmarket customers, and through MSSPs, at SMBs as well.

“The market for network security is changing fast, and old school products are being end-of-lifed, making more customers, including SMBs, choose SASE,” Vassunov said.

These solutions will also be sold through all levels of Kaspersky partners.

“Some time ago, we decided that since different companies have different needs and smaller ones don’t have capabilities to manage all of them, that we would split our portfolio into 3 stages – Foundation, Optimum and Expert,” Martsynkyan said. “We will provide the right tools for each, so that they can be managed by themselves or outsourced. We will do the same for SASE and XDR, and create solutions for all parts of the market.”