Recorded Future announced Friday acquiring malware analysis firm Hatching. ("Cash Money (part two)" by jtyerse is licensed under CC BY-NC-ND 2.0)

Threat intelligence company Recorded Future on Friday announced that it acquired Hatching, a company that offers Triage, a sandboxing technology that delivers high-performance malware analysis. A purchase price was not disclosed.

The merger aims to offer Recorded Future customers with better visibility into active malware campaigns in the wild, improved attribution, and a critical edge against adversaries that use malicious software to disrupt business operations.

“By combining Hatching’s automated malware analysis capabilities with Recorded Future intelligence …our clients will now have an intelligence advantage against malware exploits, one of the most pervasive threats facing every organization,” said Christopher Ahlberg, co-founder and CEO of Recorded Future. “

When done correctly, threat intelligence offers insight into past observed scenarios and emerging threats to an environment, said Andy Gill, senior security consultant at LARES Consulting. Gill said the underlying importance is actionable intelligence rather than threat actor or tactics, techniques, and procedures bingo.

“Combining this with malware analysis and lessons learned on that front will enable an analyst to provide a complete picture of the threat landscape,” Gill said. “It may also potentially link the malware to known threat groups. Additionally, it allows for better observations to be made on the behavior of the malware and the ability to identify and cross-reference similarities with other families of similar malware.”

Jon Oltsik, senior principal analyst and ESG Fellow said he thought this acquisition by Recorded Future was a very good fit.

“Recorded Future can provide intelligence ‘around’ malware – who the adversary is, the infrastructure they use, and IoCs, but in the past, they would rely on a third-party for malware analysis,” Oltsik explained. “This acquisition makes Recorded Future a one-stop-shop for a large portion of an organizations cyber-threat intelligence needs.”

John Bambenek, principal threat hunter at Netenrich, added that threat intelligence should always strive to get insights throughout the life-cycle and techniques used by attackers.

“Malware remains a significant component of the overall attack behavior and those insights can help drive protective and detection techniques,” Bambenek said.