Endpoint fears drive PatchLink-SecureWave merger

Security experts weren't surprised when PatchLink announced it would acquire endpoint security vendor SecureWave in an all-stock merger. The move makes perfect sense for PatchLink, since IT shops are increasingly hungry for tools to help them better secure an increasing array of endpoint devices.

"We've known for some time that if you manage the endpoint devices properly you reduce risk, but it's becoming increasingly difficult to identify where the vulnerabilities are on those devices," said Eric Maiwald, senior analyst at Burton Group. IT professionals are increasingly worried about what people are plugging into their laptops and what kind of data is being tossed around in the process. "You can get a lot of information onto a USB stick, and they're small and easy to lose."

With SecureWave's technology, PatchLink will be better equipped to help customers address the problem, he said.

But with larger IT infrastructure providers like Microsoft and IBM working more security into their offerings, analysts say it's far from certain that PatchLink will enjoy an explosion of growth from this acquisition.

 PatchLink said it will merge SecureWave's technology with its own to create a platform to secure enterprise servers and endpoints. SecureWave, based in Luxembourg, has more than 1,700 customers worldwide. Its Sanctuary software and appliances contain policy enforcement tools to manage and monitor device and application use to protect against data leakage and malware threats. PatchLink plans to combine the endpoint security software with its vulnerability management technology for enterprise-wide policy management and automated patching.

PatchLink, endpoint security: PatchLink and SecureWave to form merged security firm Security firm PatchLink plans to acquire SecureWave to strengthen its patch management platform with endpoint security and policy management features PatchLink acquires STAT Guardian tool: PatchLink Corp. says it will add more muscle to its vulnerability management portfolio by acquiring the STAT Guardian tool from IT vendor Harris Corp. Endpoint security: In this lesson, guest instructor Ben Rothke, Director of Security Technology Implementation for a large financial services company and provides tactics for endpoint security, policies for controlling endpoints. Keeping pace with emerging endpoint security technologies: Vendors have responded to the de-perimeterization of corporate networks with products designed to perform "health checks" of connecting devices, permitting access based on the security status of the endpoint.

In February, PatchLink acquired the STAT Guardian vulnerability management suite from Harris Corp., a Melbourne, Fla.-based IT communications vendor that caters to government and commercial markets. PatchLink said the acquisition of the STAT Guardian suite helped it sharpen its focus on risk management and policy-based compliance. The tool also helped PatchLink build a unified end point security platform with a single, policy-based architecture and consolidated compliance reporting, the company said.

In an interview Monday morning, Matt Mosher, PatchLink's senior vice president of sales for the Americas, acknowledged the company wants to fill the kind of need Maiwald described. He said customers are clamoring for more integration in their security tools, and in this case PatchLink is filling the need by working SecureWave's endpoint security capabilities into PatchLink's vulnerability management technology.

"When it comes to endpoint security, people don't want to invest in multiple agents," he said. "They are looking for more consolidation, and SecureWave gives us more policy and enforcement options. Now we can apply security policy around external devices. SecureWave's device control is a great tool for things like laptop security."

Natalie Lambert, an analyst with Cambridge, Mass.-based Forrester Research Inc., agreed the acquisition makes a lot of sense. Indeed, she said she has been expecting that SecureWave would sell to either PatchLink or Novell.

"This acquisition brings security functionality into PatchLink's arsenal," she said in an email exchange. "As a dedicated patch vendor, PatchLink was a great vendor for partnerships/OEM agreements, but lacked a foothold in security, specifically the client security market. Now, they have the capabilities to move beyond patch management and into the broader security market by addressing the unwanted programs and devices, as well as the malicious code and information leak prevention markets."

But PatchLink's future position becomes less certain when one considers the ongoing consolidation in the client security and client management markets, she said. At some point, she wouldn't be surprised if PatchLink is acquired by someone else.

"Both of these functions -- patch management and application-device control -- will be folded into larger management products [going forward]," she said. "I expect this market to be dominated by the Microsofts, McAfees and Symantecs of the world because they can offer management and security in a single product. As a best-of-breed player, I would expect PatchLink to get picked up by a management or security vendor without this functionality. HP and Novell come to mind."

Another uncertainty is how SecureWave's current customer base will take to PatchLink. In other recent acquisitions, some customers reported that services either improved or stayed the same as their tools passed from the control of one vendor to the next. In other cases, however, customers complained about a decline in quality, as was the case when Symantec Corp. acquired Veritas.

Mosher is confident SecureWave customers will be pleased with the results of this merger. Maiwald said things could go either way.

"Patchlink is a bigger company with more resources," he said. "Will that mean better services and support for SecureWave customers? We'll have to wait and see."