Proofpoint Nabs Illusive, Signaling a Sunset for Deception Tech

Former pure-play deception startup Illusive attracts Proofpoint with its repositioned platform focusing on identity threat detection and response (ITDR).

Less than year after a shift to the burgeoning identity threat detection and response (ITDR) market from its initial roots as a pure-play deception technology startup, Illusive reached the liquidity promised land this week. Proofpoint has announced plans to purchase the firm for an undisclosed amount, with the deal set to close in early 2023.
According to executives from Proofpoint, which specializes in email and cloud security, the pickup was spurred by a drive to reinforce its technology portfolio with identity-focused protections. The company said it was drawn to Illusive for its identity risk discovery and remediation capabilities, in addition to post-breach defenses that could build out Proofpoints protections against ransomware and data theft.
Its currently far too easy for an attacker to turn one compromised identity into an organizationwide ransomware incident or data breach, said Ryan Kalember, executive vice president of cybersecurity strategy for Proofpoint, in
a statement
.
Initially founded in 2014 by former Check Point Software Technologies veteran Ofer Israeli, Illusive touted itself for a long time for its deception technology capabilities, focusing primarily on breach detection through the use of decoy assets — including credentials — seeded on customer networks.
The firm had raised more than $54 million in venture funds with that market positioning. However, pure-play deception increasingly has been subsumed as a narrow feature set within broader segments, like extended detection and response (XDR).
As Forresters David Holmes put it in his
analysis
of the acquisition of deception player Attivo by XDR vendor SentinelOne in March, Deception tech, while
super cool
, was never able to achieve escape velocity on its own, and some of its shining stars are disappearing into portfolios of larger vendors.
Amid that kind of market action, Illusive pivoted.
Earlier this year, it repositioned itself as an identity risk management vendor, with the launch of its Illusive Spotlight ITDR platform in February.
The platform is not that big of a departure from its deception roots — it works hand-in-hand with the deception technology the vendor had developed and sells through its Illusive Shadow product. But the launch of Spotlight gave Illusive leave to reposition itself as a major identity player and go after a market that industry analysts are increasingly promoting as an important component of security programs of the future.
In March, Gartner named the rise of ITDR as one of the top security and risk management trends for 2022.
Organizations have spent considerable effort improving [identity access management] IAM capabilities, but much of it has been focused on technology to improve user authentication, which actually increases the attack surface for a foundational part of the cybersecurity infrastructure, Peter Firstbrook, research vice president for Gartner, said in that
prediction
. ITDR tools can help protect identity systems, detect when they are compromised, and enable efficient remediation.
In many ways, this deal by Proofpoint mirrors SentinelOnes purchase of Attivo. Forresters Holmes said at the time that the company was attracted to Attivos identity capabilities first, with the deception element coming second.
What acquisitions like this one ultimately mean for security and risk decision-makers is that they can pivot from deploying a stand-alone deception tech product and start evaluating how deception gets paired with one or two key tactical domains such as identity, Holmes wrote at the time.
The Proofpoint purchase of Illusive solidifies that assessment.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Proofpoint Nabs Illusive, Signaling a Sunset for Deception Tech