Cloud

12/21/2017
04:50 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Businesses Go on Pre-Holiday Cloud Acquisition Spree

VMware, McAfee, and Trend Micro announce a series of acquisitions that indicate a strong focus on cloud security.

Tech companies closed 2017 with cloud-focused acquisitions that demonstrate an industry-wide trend that refuses to slow down. VMware, McAfee, and Trend Micro all have announced plans to buy cloud businesses within the past month.

Earlier this month, VMware finalized its purchase of VeloCloud Networks. It plans to add VeloCloud's software-defined wide area network (SD-WAN) tool to its lineup so it can help users run, manage, connect, and secure applications in the cloud, Jeff Jennings, senior vice president and general manager of VMware's networking and security business, wrote in a blog post.

The SD-WAN tool will boost performance and availability for enterprise and cloud applications with "full visibility, metrics, control and automation of all endpoints," he added.

McAfee Buys Skyhigh
Less than eight months after its spinoff from Intel, McAfee purchased cloud access security broker (CASB) provider Skyhigh Networks. In a post on the news, McAfee CEO Christopher Young called it "an ideal complement" to McAfee's strategy going forward.

"Cloud security has historically been an afterthought of, or impediment to, cloud adoption," he pointed out. Indeed, this year has proven time and again the dangers of rushing to cloud without putting the right safeguards in place, as demonstrated by a series of AWS data leaks affecting major organizations including TigerSwan, Dow Jones, and, most recently, Alteryx.

Skyhigh will "accelerate" McAfee's strategy, says Raja Patel, vice president and general manager of corporate products at McAfee. He calls endpoint and cloud "architectural control points" that address threats targeting data, applications, and infrastructure.

Security operations teams need automation and orchestration to address a higher number of threats with fewer resources, Patel continues. The CASB space is maturing: by 2020, 85% of large businesses will use a CASB product, he says, citing data from Gartner.

This acquisition is "fortifying the cloud control point," he explains. The ultimate goal for McAfee is to strengthen endpoint and cloud security, and it believes Skyhigh will drive this forward. "More and more of us are transient in and out of environments with our devices, and more and more of the services we access are outside the enterprise in the cloud," Patel says.

The Skyhigh brand name will remain in the market following the transaction. McAfee will "consider opportunities" to endorse it, Patel says, given its strong reputation for cloud security.

Trend Micro Acquires Immunio
Around the same time McAfee bought Skyhigh, Trend Micro snapped up Immunio. The goal is to expand its hybrid cloud security tool with a combination of purchased capabilities and in-house development, the company explained. Trend Micro will acquire Immunio's application security technology and talent.

"As organizations move to the cloud and adopt a more modern approach to applications delivery — generally falling under the 'DevOps' term — traditional approaches to security, such as bolting it on at the end of development or trying to form a strong perimeter, just don't work," says Mark Nunnikhoven, vice president of cloud research for Trend Micro.

Immunio integrates with application code to analyze its behavior and protect against threats in a way other approaches don't, he adds. Trend Micro's goal is to build a platform that can integrate with DevOps culture. It's focusing on automation for customer applications, building its Deep Security platform, and ramping up internal R&D to focus on container image scanning.

The acquisition will bring Immunio's early detection, protection against app vulnerabilities, and container image scanning into these projects.

"You can protect all stages of application delivery, from the time the code is written all the way through to production," says Nunnikhoven. "To do that, you have to apply the right security technique at the right time in the application lifecycle."

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6443
PUBLISHED: 2019-01-22
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. A remote unauthenticated user who ha...
CVE-2018-6444
PUBLISHED: 2019-01-22
A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
CVE-2018-6445
PUBLISHED: 2019-01-22
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting...
CVE-2019-6507
PUBLISHED: 2019-01-22
An issue was discovered in creditease-sec insight through 2018-09-11. login_user_delete in srcpm/app/admin/views.py allows CSRF.
CVE-2019-6508
PUBLISHED: 2019-01-22
An issue was discovered in creditease-sec insight through 2018-09-11. role_perm_delete in srcpm/app/admin/views.py allows CSRF.