PatchLink Retrenches for IPO With New Name, Products

Lumension Security to go head-to-head with CA, McAfee

In what it says is in preparation for issuing an IPO by mid-2008, PatchLink today announced that it has changed its name -- to Lumension Security -- to reflect the company's expansion beyond patch management. The company also said it will begin rolling out a new family of security management products in January that integrates tools it previously acquired from Harris and in its recent purchase of SecureWave.

"I got here 13 months ago and the name change has been boiling since then. It got to a point it was necessary to make the change for a variety of reasons... We are way beyond a patch provider," says Patrick Clawson, chairman and CEO of the company, which most recently acquired whitelisting firm SecureWave.

"We are going to be positioning ourselves for an IPO, so we wanted to get the name change out of the way and have a recognizable brand," says Clawson, who notes that Lumension is one of the largest privately held security firms in the world. "And we will buy technologies down the road that we think should be integrated" with our products.

Lumension's new products will blend PatchLink's patch and remediation management line, Harris's STAT vulnerability assessment tools, and SecureWave's Sanctuary application and device management policy enforcement software, which uses whitelisting technology. Clawson says the company's first newly integrated product, which will be released after the first of the year, will be an appliance for SMBs that combines integrated vulnerability management, vulnerability assessment, device and application control, as well as patch management.

"Customers really are looking for integrated suites... That's partly what's driving M&A today," Clawson says. "You've got to put it together."

And Clawson says the company will no longer be competing purely with patch management tool vendors like BigFix or Shavlik Technologies; now it will go head-to-head with Computer Associates and McAfee, he says. "And we [cover] a broad spectrum, across large enterprises and governments -- from several hundred thousand nodes, down to 250-user small enterprises."

But Nick Selby, senior security analyst for The 451 Group, says Lumension's "new" approach isn't really new to the industry. "Our bleeding-edge end user customers -- investment banks, government agencies, pharmaceutical, etc. -- are already deploying the kinds of architecture PatchLink is describing, tightly controlled endpoints securely accessing Internet-facing applications," Selby says. "PatchLink does seem in a position to add value there, but to say it's an all-encompassing 'solution' to the problem seems an overstatement."

Lumension's new products, meanwhile, will also include policy compliance reporting and network access control. "They will have a fully integrated management front-end that allows you to manage all the different software platforms from one view," Clawson says, including an "agentless" software-as-a-service model. "This is the proactive security model people have talked about, and we enable it in the 'cloud.' "

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

  • PatchLink Corp.
  • SecureWave S.A.
  • The 451 Group
  • Harris Corp. (NYSE: HRS)
  • McAfee Inc. (NYSE: MFE)
  • Editors' Choice
    Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading