Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2019
05:35 PM
50%
50%

Fortinet Bolsters Endpoint Security with enSilo Acquisition

As companies reduce their vendor count, consolidation will likely continue to accelerate in the next year.

Network and software security firm Fortinet (NASDAQ: FTNT) has acquired privately held endpoint detection and response firm enSilo in an effort to push its security solutions to the edge of corporate IT environments, Fortinet announced on October 28.

The deal, whose terms were not disclosed, will allow Fortinet to offer agent-based software and services aimed at automating real-time threat detection, speeding response, and secure Internet of Things (IoT) devices, according to the company's statement. The acquisition also continues the consolidation in the cybersecurity industry driven by companies' need to simplify. 

Businesses are seeing more complex threat landscapes and need simpler ways of securing their networks and endpoints, Ken Zie, CEO and founder of Fortinet, said in a statement. "As businesses become more networked and operations extend from the cloud to the edge and Internet of Things, the digital attack surface has expanded exponentially and has become more complex to secure," he said. "Manual threat hunting or point security solutions are ineffective when managing or securing these new environments."

The purchase of enSilo comes as the endpoint security industry has already begun to consolidate. In 2019, Gartner listed 20 companies in its 2019 Magic Quadrant for Endpoint Protection Products, and some of those companies already have been acquired. HP hooked Bromium in September, VMware collected Carbon Black in August, BlackBerry bought Cylance in November 2018, and Thoma Bravo tossed Sophos a $3.9 billion bone this month. 

Behind the acquisitions are companies' desires to reduce the number of cybersecurity vendors on which they have to rely. In 2019, the share of companies that had reduced the number of vendors to 10 or fewer increased to 63%, from 54% in 2018, according to Cisco's "CISO Benchmark Study". One key factor is the desire to reduce the number of alerts produced by different products, the report stated.

"It's no surprise that alert management continues to pose challenges," Steve Martino, senior vice president, and chief information security officer of Cisco, said in a February 2019 blog post on the report. "That’s often because organizations are using multiple disparate security products that don't share alert data or help prioritize alerts via limited dashboards."

The survey of CISOs is not the only report to find that organizations are having more trouble responding to proliferating threats and complex IT security environments. Business analyst firm Enterprise Strategy Group estimates that three-quarters of firms find threat detection and response more difficult today than two years ago, primarily because of too many security tools that do not work together.

Fortinet pointed to such issues as a primary reason for its acquisition of enSilo. The problem, the firm maintained, is that as companies faced more threats, they bought more tools to the detriment of their security posture.

"The response by too many organizations ... has been to deploy multiple, siloed security products, the bulk of which is focused on prevention," the company said in a blog post announcing the enSilo acquisition. "But the truth is, 100% prevention is not possible. The result is a fragmented, complicated security architecture that can actually make detection and response more difficult."

The acquisition will allow Fortinet to target IoT environments, a growing market, the company said in the post. With operational technology increasingly being incorporated into enterprise networks, these devices need to be secured against online threats. 

"The hallmark of the modern network is the rapid expansion of the network edge," the company said. "New IoT and endpoint devices, bolstered by high performance, robust functionality, and new business applications, have expanded the potential attack surface. This in turn has raised the bar for having a fully integrated security solution that no longer operates in isolation and can extend visibility out to these emerging edges."

Related Content

 

This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment:   It's a PEN test of our cloud security.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7245
PUBLISHED: 2020-01-23
Incorrect username validation in the registration processes of CTFd through 2.2.2 allows a remote attacker to take over an arbitrary account after initiating a password reset. This is related to register() and reset_password() in auth.py. To exploit the vulnerability, one must register with a userna...
CVE-2019-14885
PUBLISHED: 2020-01-23
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information...
CVE-2019-17570
PUBLISHED: 2020-01-23
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue...
CVE-2020-6007
PUBLISHED: 2020-01-23
Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.
CVE-2012-4606
PUBLISHED: 2020-01-23
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.