Where There’s IBM, There’s Watchfire

UPDATED: IBM  today agreed to buy security and compliance
testing software vendor Watchfire for an undisclosed sum.


Waltham, Mass.-based Watchfire makes AppScan,
a security vulnerability testing suite that lets users identify potential
security risks in applications.


The product is designed to help fend off such attacks at the application layer as SQL
injections
, which are becoming increasingly more common because
intruders are slipping past firewalls to sniff out corporate data.
Such breaches can lead to major data and or financial losses.


IBM plans to integrate the Watchfire assets into its Rational software line,
which guides applications through the software development lifecycle.


With AppScan, programmers using the Rational Software Delivery Platform will
be able to conduct security and compliance testing early in the software
development process, allowing them to safely define and track the compliance
of their applications. This lets companies preserve the integrity of their
applications before they go live.


IBM Rational Software General Manager Danny Sabbah said on a conference call
the deal fulfills a critical requirement of software development and
delivery — security and compliance testing.


“With online security and privacy incidents on the rise, security breaches
and lack of compliance with industry and government regulations can diminish
business integrity and customer trust, not to mention the serious financial
implications for many organizations,” Sabbah said.


“Watchfire technology, together with IBM, will help customers reduce these
security risks and the associated costs to their business.”


Sabbah also said the deal will bring together two market-share leaders,
according to research from Gartner: IBM in application development and
Watchfire in security vulnerability scanners.


The purchase builds on the existing relationship between the two companies,
as Watchfire is an IBM Rational software business partner. In this capacity,
Watchfire validated the integration of their offerings to the IBM Rational
Software Delivery Platform.


Buying Watchfire will also grant IBM access to more than 800 customers in
financial services, government, pharmaceutical and energy and utilities.


The deal also takes out one of the three main Web application security
startups, the other two being SPI Dynamics and Cenzic. SPI earlier this year
revamped
its architecture and WebInspect product to get in touch with Web 2.0 apps.


Sabbah said Watchfire’s 189 employees, including CEO Peter McKay and CTO
Mike Weider, will join IBM.


The deal, expected to close in the third quarter, is no surprise; IBM has
been avidly building up its security offerings through the development of
its Tivoli identity, access and compliance software.


Big Blue took a major step to bolster its security stack when it bought
security appliance and services provider Internet Security Systems for
$1.3 billion last year.

News Around the Web