HP to acquire SPI Dynamics for Web security

HP plans to acquire Web application security vendor SPI Dynamics and integrate the vendor's software as a unit in HP's Technology Solutions Group.

The number of vulnerabilities to business-critical applications has gone up exponentially with the rise of web-based applications. Jonathan Rende,  vice president of software productsHP

HP said the acquisition would help bolster security in its business systems, such as e-commerce Web sites or financial and supply chain applications. Financial terms of the transaction were not disclosed. The acquisition is expected to close in the third quarter.

SPI Dynamics has 140 employees and serves more than 1,000 customers in the federal government, financial services and healthcare industries, including HP.

"The combination of HP and SPI Dynamics will allow us to scale and provide our customers with the industry's most comprehensive application quality, performance and security assessment solutions," Brian Cohen, chief executive officer, SPI Dynamics said in a statement. "For more than five years we have partnered with HP, so I am very pleased to be joining forces to better serve our customers and partners."

HP has been touting its security in recent months, announcing a new HP appliance last month that logs data for audits and investigations. Chris Whitener, HP's new storage and server security chief recently told SearchSecurity that the company is making security improvements as it pushes further into the small and midsize business market.

In March, SPI Dynamics fully integrated its technology with HP's Quality Center platform, which it acquired from Mercury Interactive in 2006. SPI Dynamics has had a lengthy history with Mercury, integrating some of its technologies into Mercury's application security platform. The Mercury acquisition increased the size of the HP Software business to more than $2 billion in annual revenue.

SPI Dynamics sells an Assessment Management Platform to conduct automated Web site security assessments. The platform includes a dashboard to view an organisation's policy compliance and risk posture.

The SPI Dynamics WebInspect tool is used by security pros to identify vulnerabilities within the Web application layer. QAInspect is aimed at QA pros to automate Web application security testing and DevInspect, aimed at developers is compatible with Microsoft Visual Studio .NET to fix source code and identify Web site vulnerabilities.

SPI Dynamics software is also used to validate application security and quality after deployment.

"The number of vulnerabilities to business-critical applications has gone up exponentially with the rise of web-based applications," said Jonathan Rende, vice president of products, quality management software at HP.