Thoma Bravo-owned Sophos has announced it’s acquiring Braintrace, a cybersecurity startup that provides organizations visibility into suspicious network traffic patterns. Terms of the deal were not disclosed.
Braintrace, which was founded in 2016 and has raised $10 million in funding, has developed a network detection and response (NDR) solution that helps organizations to easily inspect network traffic to identify and filter out suspicious activity. It does this using remote network packet capture (RNCAP) technology, which provides visibility into network traffic patterns, including encrypted traffic, without the need for man-in-the-middle decryption. It also provides visibility into cloud network traffic, a task that typically needs to be carried out on-site, and supports all of the major cloud providers, including AWS and Microsoft Azure.
The deal will see Sophos integrate Braintrace’s NDR technology into its own adaptive cybersecurity ecosystem, which underpins all of its security products and services. The technology will also help Sophos collect data from firewalls, proxies and VPNs, allowing it to look for network traffic that contains instructions for malware like TrickBot, and attackers that misuse Cobalt Strike, as well as pre-empting other malicious traffic that might lead to ransomware attacks.
Braintrace’s developers, data scientists and security analysts have joined its global Sophos’ managed threat response (MTR) and rapid response teams as part of the deal.
To guard against data loss and misuse, the cybersecurity conversation must evolve
Commenting on the deal, which Sophos claims will make it one of the largest and fastest-growing managed detection and response (MDR) providers, the company’s CEO Joe Levy said: “We’re excited that Braintrace built this technology specifically to provide better security outcomes to their MDR customers. It’s hard to beat the effectiveness of solutions built by teams of skilled practitioners and developers to solve real-world cybersecurity problems.”
Disrupt 2026: The tech ecosystem, all in one room
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.
Save up to $300 or 30% to TechCrunch Founder Summit
1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
Offer ends March 13.
Bret Laughlin, co-founder and CEO of Braintrace, added: “We built Braintrace’s NDR technology from the ground up for detection and now, with Sophos, it will fit into a complete system to provide cross-product detection and response across a multi-vendor ecosystem.”
The deal comes a little over a year after Thoma Bravo completed its $3.9 billion takeover of Sophos, and sees the private equity firm further increasing its reach in the cybersecurity space. It acquired security vendor Proofpoint for $12.3 billion back in April, and recently led a $225 million funding round in zero trust unicorn Illumio.
Thoma Bravo buys cybersecurity vendor Proofpoint for $12.3B in cash
