Agentic AI
,
Governance & Risk Management
,
Vulnerability Assessment & Penetration Testing (VA/PT)
Acquisition Boosts Speed With Agentic AI for Analysts and Automated Risk Reporting
Deepwatch purchased a security intelligence startup led by the former head of Symantec’s identity and CASB business to bolster agentic AI and threat exposure management.
The San Francisco-based company said its acquisition of Silicon Valley-based Dassana will bring value around automation, compliance reporting and proactive security management to Deepwatch’s internal SOC operations and customers, according to Deepwatch CEO John DiLullo. He said Deepwatch plans to retain most of Dassana’s employees and use their expertise for future development initiatives.
“As that conversation advanced, it went very quickly from partnership to, ‘Hey, wait, the best partnership is a merging of the two companies,'” DiLullo told Information Security Media Group. “It was a cash and stock transaction, so they continue to be investors in my company, and that made us even more excited about this possibility.”
Dassana, founded in 2020, emerged from stealth in April 2022 with $5 million in seed funding from Dell Technologies Capita, and today employs 28 people, according to LinkedIn. The company has been led since April 2023 by Ajay Nigam, who spent more than three years at Symantec, included a stint as general manager of the company’s identity and CASB lines of business.
Deepwatch initially approached Dassana for a partnership to leverage the company’s agentic AI and threat exposure management capabilities, but as discussions continued, DiLullo said it became clear an acquisition would give better alignment and control over the technology and future outcomes. DiLullo said Deepwatch plans to directly integrate Dassana’s products into the company’s managed detection and response tool (see: Deepwatch CEO on How AI Fuels Managed Detection and Response).
Agentic AI, Threat Exposure Management Take Center Stage
Deepwatch has already developed an agentic AI prototype using generative AI to assist security analysts, but he found that Dassana’s agentic AI solution was further along with better-developed automation workflows that Deepwatch could rapidly adopt. DiLullo said the impact of agentic AI will primarily be felt by Deepwatch analysts, but said clients will indirectly benefit from faster, more consistent responses.
“This gives me the ability to democratize all this AI technology, because all of my customers can benefit from it,” DiLullo said. “Agentic AI is something my customers may or may not see, but definitely my analysts will see it in the MDR environment. And I’ll be able to put this into production almost instantly.”
Dassana’s agentic AI will enhance analyst productivity, DiLullo said, making Deepwatch’s virtual SOC faster, more consistent, and less error-prone. Rather than replacing human analysts, DiLullo said the AI augments their capabilities, ensuring that analysts remain the final decision-makers in critical situations. Automation will slash time-to-respond, while consistency in threat analysis will reduce human errors.
“It’s like reading X-rays,” DiLullo said. “You know, doctors are much better when AI is helping them read the X-rays. But I’m not going to let the AI take out the scalpel, right? And I think our customers feel exactly the same way. They really do want to know that there’s eyes on glass on a lot of these critical alert environments.”
Meanwhile, DiLullo said Dassana’s threat exposure management tool distinguishes itself through rapid deployment, ease of use, and automated compliance reporting with data from 11 different security products. Deepwatch tested Dassana’s tool internally, DiLullo said, achieving full deployment in just 45 minutes and getting actionable intelligence and push-button compliance reports within 24 hours.
“We deployed it in less than 45 minutes, and we were getting great intel, as well as push button compliance reports, within 24 hours,” DiLullo said. “I just couldn’t believe it. I had never really seen a product that was quite so effective at interrogating about 11 different tools to determine the attack surface and the exposure environment.”
Dassana’s threat exposure management tool will cut the number of alerts by helping clients proactively identify and fix security gaps before they can be exploited, DiLullo said. This will not only improve client security posture, DiLullo said, but also reduce the workload on Deepwatch’s analysts, helping them focus on more critical alerts. Improving security posture will aid defense against common attack vectors.
“By working with our customers proactively on exposure management, we will cut down the number of alerts that our virtual SOC needs to deal with on their behalf,” DiLullo said. “That we will help them to create a better posture, a more resilient security infrastructure, and that will lead to an overall better experience.”
How Deepwatch, Dassana Will Come Together
Within 90 days, he plans to connect Dassana’s threat exposure data sources with Deepwatch’s detection capabilities, build an easy-to-deploy demo environment for sales demonstrations, and merge Dassana into Deepwatch’s “quote-to-cash” systems for ordering and provisioning. There is little integration overlap, with Deepwatch focusing on Splunk and Microsoft while Dassana focuses on Okta and Wiz (see: Deepwatch Raises $180M in Splunk-Backed Funding to Boost MDR).
“We have an ambitious 90-day plan to completely integrate it,” DiLullo said. “It’s an open base, it’s an open product. We think it’ll be able to be completely integrated with all of our quote-to-cash systems by the end of 90 days, and so be elegantly orderable and easy to price and easy to access online.”
Deepwatch intends to keep most of the Dassana team, including the organization’s India-based development center, with DiLullo seeing the team’s engineering capabilities as crucial for future projects beyond the acquired products. And from a capabilities perspective, DiLullo said Dassana has focused on early-stage threat detection, while Deepwatch has focused on mid-to-late-stage detection and response.
“They have an India development center,” DiLullo said. “We’re bringing that over, as well as they’re headquartered in the San Francisco Bay area. We’re bringing over all of those employees as well.”
The primary measure of the acquisition will be how quickly and widely existing and new customers adopt Dassana’s solutions, DiLullo said. Deepwatch also will track operational improvements around mean time to respond and mean time to remediate, as well as adoption of Dassana’s integrations with platforms like AWS, Okta and Wiz. Deepwatch also wants to maintain and leverage Dassana’s engineers.
“The ability for some of the agentic solutions to get hold and make those metrics perform better, that’ll be a big indicator of success for us,” DiLullo said.