Security Firms Bulk Up

It's shopping season for security software, as Computer Associates is acquiring antispyware vendor PestPatrol, in the wake of a similar acquisition by rival McAfee, which bought Foundstone.

CA paid an undisclosed amount of cash for the Carlisle, Pennsylvania-based company. CA plans to incorporate the PestPatrol products into its eTrust Threat Management software suite, which protects against viruses, spam, and inappropriate use of the Web by employees, company representatives say.

McAfee acquired Foundstone, which makes software for detecting and managing software vulnerabilities, for $86 million in cash, according to McAfee representatives. The company plans to combine Foundstone's technology for spotting and remediating software vulnerabilities with its intrusion detection and security policy management products, allowing companies to identify and shield high-priority computer assets from attack.

Stalking Spyware

CA has been looking for a "few months" for an antispyware software company to either buy or partner with after its enterprise customers identified spyware and other privacy threats as growing problems, says Sam Curry, vice president of eTrust Security Management at CA.

PestPatrol offered the broadest suite of antispyware tools, while some other vendors' products could identify but not eliminate spyware from corporate systems, Curry says. "They had the ability to fine it, identify it and get it off the system," he says. "This was a whole new area that traditional antivirus (software) doesn't address."

The PestPatrol software is used in more than 100 countries and by companies such as Yahoo and Zero Knowledge Systems, according to CA. The PestPatrol Software Developers' Toolkit enables integration with third-party Web services and business and consumer offerings.

PestPatrol complements traditional antivirus systems by giving network administrators the capability to define spyware scanning rules. Administrators can define "safe lists" or exclusion files of authorized applications, fine-tuned by department or individual, to prevent false alarms, according to the press release.

The PestPatrol Center for Pest Research, which provides computer users with free advice on how to delete malicious code and prevent infection, will be incorporated into CA's Security Advisor service. The Security Advisor service tracks global security threats through a global network of rapid response centers and relays security information to CA customers.

Expanded Expertise

McAfee's acquisition of Foundstone adds a line of vulnerability management software to McAfee's growing list of security products. As part of the deal, Foundstone's professional services group will become part of McAfee's services team, McAfee representatives say.

Foundstone is known for its involvement in the security community, for finding and reporting vulnerabilities and working within the industry to set standards for reporting holes.

McAfee's purchase of Foundstone, based in Mission Viejo, California, follows moves in the last year to focus its product offerings and bolster its standing in the intrusion detection and prevention market. In April 2003, McAfee, formerly Network Associates, purchased two companies: IntruVert Networks and Entercept Security Technologies. Those acquisitions gave McAfee a jump in detecting both network-based attacks, IntruVert's specialty, and attacks targeted at network servers, or "hosts."

McAfee will focus initially on getting Foundstone's technology to recognize and interact with the IntruVert and Entercept technologies, as well as McAfee's VirusScan 8, says Vince Rossi, senior vice president of product management at McAfee.

The goal is to give customers--primarily corporations--the capability to assess their exposure to Internet and network-borne threats using a constantly updated threat profile provided by McAfee's other products.

The purchase of Foundstone, which began in 1999 as a security consulting services company and more recently began marketing and selling security software and hardware, will complement McAfee's investment network and host intrusion prevention technologies, says John Pescatore, a Gartner analyst.

"Now that you have host and network intrusion detection, companies need to know where they're vulnerable, so vulnerability management becomes important," he says.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon