LogicLibrary Buy Will Swat Bugs

Software asset management tools maker LogicLibrary Wednesday agreed to
acquire security analysis provider BugScan for an
undisclosed sum. The purchase is evidence that smaller companies are opting
to reuse software assets instead of writing new code from scratch, which is part of
what makes service-oriented architectures so
attractive.

Many companies, including IBM , Microsoft and Borland , write software tools that
help enterprises set up SOAs. LogicLibrary writes tools that govern and set
compliance rules for those SOAs.

By acquiring BugScan, an affiliate of high-tech consultant HBGary LLC,
LogicLibrary is acquiring software that picks out code flaws and sets
compliance thresholds for security before applications are deployed.

LogicLibrary will integrate the software, which is currently used by Verizon and Citrix Systems,
into its Logidex software development asset (SDA)
management environment, offering customers technology its rivals Flashline
and Forum Systems can’t deliver.

BugScan automates the bug-hunting process, whereas most developers must
manually scour and test lines of code with no guarantees of success. To that
end, squashing bugs at the source is far more efficient than trying to kill
them after applications are in operation, according to Alan Himler, vice
president of product management at LogicLibrary.

After all, applications are ultimately fed to distributed computing systems
and used as Web services to conduct transactions, and
flaws can disrupt business processes.

Himler told internetnews.com BugScan’s technology will allow
developers to perform security scans on an application’s binaries without the
source code. By examining the native binary code, BugScan makes it possible
to review both proprietary and third-party software.

“BugScan was developed to assist HBGary in their consulting engagements, and
we were in the market for a security tool for SOA governance, so it made
sense for us to take over the product and move it ahead,” Himler said. “It’s
nice for developers to be able to know what the security posture is of an
application before they deploy it, and it makes services more consumable.”

Himler said BugScan founder Matt Hargett and four consultants will join
LogicLibrary, keeping the current BugScan office in Sunnyvale, Calif., where
it had matured rapidly as an affiliate of consultant firm HBGary.

Himler said LogicLibrary will continue to round out its SOA governance
platform by adding performance information, as well as business process
management capabilities.