Sad fact is, malware writers haven't just gotten more prolific over the past few years, they've gotten faster and more creative. The response among IT security vendors has been to offer companies the ability to better automate software patches and protection for PCs and other end points, which is what makes Monday's announcement that PatchLink plans to merge with SecureWave so intriguing.
Together, the companies are expected to deliver the sort of proactive approach to security that's become a necessity as operating system and software makers continue to deliver vulnerable products. PatchLink, a privately held provider of patch and vulnerability management software, plans to offer end point security provider SecureWave shareholders a piece of PatchLink in what would be an all-stock transaction, although the value of that transaction hasn't been announced. As part of the agreement, Mangrove Capital Partners, an original investor in Skype and the primary shareholder in SecureWave, will be given a seat on the PatchLink board of directors.
Together, the companies would have more than 5,000 customers worldwide and 230 employees. PatchLink, whose customers include HSBC, NASA, and Thomson Financial, is assured of a market as long as Microsoft's Patch Tuesday continues to roll around every month. Meanwhile, SecureWave made its bones in the security market through its Sanctuary product, which takes a "white-listing" approach that allows only approved network traffic inside a company's firewall.
PatchLink CEO Patrick Clawson in a September 2006 interview with InformationWeek indicated that his company was looking to extend its reach beyond patch management. "We'll look for consolidation or acquisitions, but we'll be opportunistic rather than targeting smaller players," he said. "We may move to the left or right as well, rather than just getting deeper into the patch management space."
In May, SecureWave announced Sanctuary 4.2, the latest version of its end point security software that includes unified policy enforcement for centrally managing and monitoring device and application use on corporate PCs, laptops, and servers. Sanctuary is designed to help define and enforce policies for acceptable use of removable storage media and applications, letting administrators proactively defend against data leakage, as well as malware.
SecureWave's whitelisting approach to security is perceived by some as the answer to defending against zero-day attacks, those that attack vulnerabilities for which no patch exists. Others note that whitelisting creates more administrative overhead by forcing IT managers to inventory their systems so all approved devices and apps are identified to Sanctuary to ensure that legitimate software isn't blocked.
Sanctuary already is designed to work with automated patching systems like PatchLink and includes a utility tool that automatically updates whitelists with patches and upgrades once the user creates a baseline listing of applications on the network.