Sophos has acquired Bellevue, Washington-based startup Refactr, which develops and markets a DevSecOps automation platform that bridges the gap between DevOps and cybersecurity. The company did not disclose the financial terms of the deal.

Founded in 2017, Refactr has leading customers in both the private and government/public sectors, including the Center for Internet Security and the U.S. Air Force’s Platform One. As part of the acquisition, Refactr’s entire team of team of developers and engineers have joined Sophos. In addition to the continued offering of the Refactr platform, Sophos plans to begin offering SOAR options by early 2022.

As DevOps and security teams continue to adopt “IT-as-Code” approaches to managing their environments, Refactr’s ability to automate any of these processes enables teams to scale. For example, with Refactr’s platform, DevOps teams can augment existing continuous integration, continuous delivery and continuous deployment (CI/CD) workflows, and cybersecurity teams can leverage the platform’s visual drag and drop builder.

Sophos is optimizing Refactr’s DevSecOps automation platform to add Security Orchestration Automation and Response (SOAR) capabilities to its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions. The SOAR capabilities will also help automate Sophos’ Adaptive Cybersecurity Ecosystem, which underpins all of Sophos’ product solutions, services, threat intelligence, and data lake.

Sophos will continue to develop and offer Refactr’s platform to their existing and growing base of partners and organizations that want to build customized IT and security automations for themselves and for their customers. Refactr’s Community Edition will continue to be available as well.