Endgame, once a secretive supplier of cyber weapons to yet more secretive government agencies, has made its first acquisition, aiming to help public- and private-sector clients better protect mobile devices used by employees.
Endgame bought Melbourne (Fla.)-based Onyxware for an undisclosed sum and plans to announce the transaction today. Onyxware’s technology gives users the ability to see when their devices are connecting to unsafe networks or when a third party is using an app to access private information on a mobile phone, according to Endgame Chief Executive Officer Nathaniel Fick.
“Lots of federal agencies have adopted ‘bring-your-own-device’ policies, so app security is a huge issue,” says Fick. “Mobile’s obviously a growing threat vector.”
Endgame is best known for selling offensive cyber arms to the U.S. government, including insights into previously undisclosed security flaws in existing software. Such weaknesses, which cyber spies can take advantage of, are sometimes called zero-day exploits. Fick, who joined the company in December 2012, is leading its transition into more general cyber analytics and services for the government and the private sector.
“The zero-day business is just a crummy business because it’s a really tiny market with low margins,” says Fick. “It’s getting harder to discover them, and the universe of people doing the hunting is getting bigger and bigger.”
Endgame raised $23 million in March 2013 from a group of venture funds—among them Paladin Capital Group, Bessemer Venture Partners, and Kleiner Perkins Caulfield & Byers—with an acquisition in mind, says Fick. He declined to give financial details of the deal, except to say that Onyxware is profitable.
Endgame, with 100 employees, gains 10 computer engineers from Onyxware, Fick adds—a coup in a field where competition for talent is fierce.
The mobile-security technology also has applications for the private sector, in which Endgame is focusing on financial-services and technology companies. The company’s first commercial projects got under way at the end of last year, Fick says, and include helping a payments company detect encrypted data that’s being removed from its network and protecting the tens of thousands of virtual machines that are part of the cloud computing structure for a large social media company.
Some of the early employees of Onxyware, including co-founder Charles Carroll, came from SI Government Solutions, a part of Raytheon and an active provider of cyber weapons to the U.S. government, according to Bloomberg News.