Network security vendor Proofpoint has agreed to purchase Emerging Threats, an Indianapolis-based firm that specializes in threat intelligence research. Proofpoint will pay around $40 million in cash and stock for the company and its team of threat researchers.

Emerging Threats receives between 150,000 and 300,000 new and unique malware samples each day.

Perhaps the most valuable aspect of the acquisition is the threat collection system that Emerging Threats maintains. The team of researchers, software engineers, and sales staff are all part of the deal; Proofpoint said this staff will continue to operate from Emerging Threats’ headquarters in Indianapolis.

“The team is very highly regarded within the security community, and we believe its database of network threat intelligence is unmatched in the industry,” said David Knight, Proofpoint’s executive VP and GM of information security products, in an interview with eWEEK. “This would be hard to build or organically create, especially given the speed with which the industry is moving.”

Emerging Threats focuses on detecting and blocking advanced cyber threats via its automated collection and analysis system. Tens of thousands of unique samples are fed into its private malware repository each day, mostly via participating cloud computing vendors, anti-virus companies, and internet service providers.

The company also created and maintains ETOpen, an open-source malware detection rule set for intrusion-prevention/intrusion-detection systems (IPS/IDS). The IPS/IDS rule set is the world’s most widely deployed, with more than 20,000 organizations using it globally. ETOpen can support commercial open-source devices, including Snort IPS – the technology behind Cisco’s Sourcefire IPS products – and the Snort derivative Suricata IPS.

Emerging Threats provides a daily updated ETOpen rule set to the open-source community and then incorporates the rule set into its own technology, called ETPro. The ETPro rule set is part of the company’s flagship IQRisk Suite, a cloud-based threat intelligence product. Proofpoint said it plans to integrate these advanced threat intelligence and detection capabilities into its own Targeted Attack Protection and Threat Response products. In addition, Proofpoint said it will continue investing in the threat research capabilities offered by Emerging Threats and the open-source community it serves.