Microsoft (MSFT  ) confirmed it's buying RiskIQ, an upstart cloud security firm based in San Francisco. The acquisition will be another notch in Microsoft's belt as it seeks to expand its security offering in the wake of this year's unprecedented cyber-attacks.

Microsoft did not directly disclose the terms of the deal. However, people familiar with the matter told Bloomberg that Microsoft paid $500 million in cash to complete the purchase.

"We're thrilled to add RiskIQ's Attack Surface and Threat Intelligence solutions to Microsoft's Security portfolio," said the company's CEO Elias Manousos. "Our combined capabilities will enable best-in-class protection, investigations, and response against today's threats."

RiskIQ's cloud security solutions help its clients identify and take action against emerging vulnerabilities across the whole of their internet-facing architecture. The company's website boasts an impressive roster of current and former customers, including Facebook (FB  ), BMW AG (BMWYY  ), American Express Inc (AXP  ), and the U.S. Postal Service.

"With more than a decade of experience scanning and analyzing the internet, RiskIQ can help enterprises identify and remediate vulnerable assets before an attacker can capitalize on them," writes Microsoft VP of Cloud Security Eric Doerr in a blog post.

According to Mr.Doerr, the addition of RiskIQ will help Microsoft bolster its "end-to-end-cloud-native security" offerings such as its Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel and help the company continue its mission of helping customers "defend their growing digital estate against increasing cyber threats."

Recent cyber attacks have brought home the need for a more comprehensive approach to network security. In May, a ransomware attack crippled operations along the 5,500 mile Colonial Pipeline, severing a critical artery in the nation's energy network and sparking gas shortages all along the east coast. A month later, the world's largest meat processor, JBS, faced a nearly identical attack that sent shockwaves throughout the world's supply chains.

"The threat landscape has never been more complex or challenging, and security has never been more critical to our customers," said Microsoft CEO Satya Nadella over a conference call in April. "This is driving increased demand for our end-to-end capabilities across identity, security, compliance and management."

The acquisition is the latest in a series of steps Microsoft has taken to advance its security credentials. Last year the Windows-maker scooped up CyberX to bolster its Azure Internet of Things (IoT) Business, and just last month, Microsoft bought out ReFirm Labs, another IoT security firm.