Symantec Lands Three Firms

Symantec's acquisitions are seen as a countermove to the upcoming re-merger of Network Associates and McAfee.com, but subscribers to the Bugtraq mailing list fear that a valuable source of security information may be compromised.

by Thor Olavsrud and Michael Singer of internetnews.com [July 22, 2002]

Norton anti-virus maker Symantec Corp. (Nasdaq: SYMC) last Wednesday said it will plunk down upwards of $355 million in cash to acquire three separate companies for its security product lineup.

The Cupertino, Calif.-based company said it has signed an agreement to acquire Riptech, Inc. for an estimated $145 million, Recourse Technologies for about $135 million, and SecurityFocus for approximately $75 million.

Symantec's current products include its Norton brand of client, gateway, and server security solutions for virus protection, firewall, virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies, and other security services.

This marks the fourth acquisition announced by Symantec this month. The company recently said it will shell out $20 million for Falls Church, Va.-based Mountain Wave and its CyberWolf technology.

The purchases are expected to help Symantec keep pace with Silicon Valley-based rivals Network Associates and McAfee.com, which are are in the middle of negotiating a deal that would merge the two companies back together.

"The acquisitions we announced today bring next generation security technology, products, and services that will help us to better serve the needs of our customers and continue to deliver strong top and bottom-line growth." said Symantec Chairman and CEO John Thompson. "We believe it is important to sometimes look beyond our walls to increase our product strength."

Thompson also said the online security sector on the whole is still in its infancy stage and that the market needs to keep constant vigilance over major online attacks.

Symantec said Recourse's technology will allow it to compete in the gigabit-performance network intrusion detection space with the addition of Recourse's IntruderAlert platform. The Redwood City, Calif.-based company also makes ManHunt and ManTrap "honeypot" solutions.

Alexandria, Va.-based Riptech's Caltarian platform is expected to give Symantec real-time managed security services. The combination of Symantec and Riptech will create a global network of world-class Security Operation Centers in Virginia, Texas, the United Kingdom, Germany, and Japan.

SecurityFocus, based in San Mateo, Calif., will give Symantec a vulnerability database and early warning threat management products to pad Symantec's anti-virus research and response capabilities. Symantec said it will continue to manage SecurityFocus' popular Bugtraq mailing list and the online security community under the SecurityFocus brand. The company said it will also integrate the DeepSight line of global threat management solutions, including Security Focus' DeepSight Threat Management System.

The surprise announcement that Symantec would acquire enterprise security threat management system provider SecurityFocus has sent ripples through the security community, with a number of users questioning whether SecurityFocus' highly-popular Bugtraq mailing list will lose its editorial independence.

Others wondered whether SecurityFocus would be able to maintain its credibility under the banner of an anti-virus firm. Anti-virus software vendors have a reputation among security experts for allegedly inflating the seriousness of virus threats in order to boost sales of their products.

The Bugtraq mailing list, considered by most to be the world's most popular security community, serves as a forum for security experts to exchange up-to-the-minute information on viruses, security flaws and exploits. It maintains a controversial "full disclosure" policy, which allows users to post very detailed security vulnerability information to the list, including exploits. Firms like Microsoft have railed against the policy, saying it puts dangerous tools in the hands of malicious hackers who subscribe to the list in order to find ways to infiltrate systems.

But Elias Levy, chief technology officer of SecurityFocus and moderator of Bugtraq, has consistently argued that hiding security vulnerabilities does not make systems more secure.

Meanwhile, Symantec is looking beyond Bugtraq when it comes to valuing the SecurityFocus acquisition. The company has its eyes on SecurityFocus' vulnerability database (which Symantec calls the "most complete" in the industry). It said it plans to continue to license the database to security product vendors, managed service providers, and other organizations that create security products and services. It is also eyeing the DeepSight line of global threat management solutions.

The transaction is expected to close in early to mid-August 2002.

— End