Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2019
05:35 PM
50%
50%

Fortinet Bolsters Endpoint Security with enSilo Acquisition

As companies reduce their vendor count, consolidation will likely continue to accelerate in the next year.

Network and software security firm Fortinet (NASDAQ: FTNT) has acquired privately held endpoint detection and response firm enSilo in an effort to push its security solutions to the edge of corporate IT environments, Fortinet announced on October 28.

The deal, whose terms were not disclosed, will allow Fortinet to offer agent-based software and services aimed at automating real-time threat detection, speeding response, and secure Internet of Things (IoT) devices, according to the company's statement. The acquisition also continues the consolidation in the cybersecurity industry driven by companies' need to simplify. 

Businesses are seeing more complex threat landscapes and need simpler ways of securing their networks and endpoints, Ken Zie, CEO and founder of Fortinet, said in a statement. "As businesses become more networked and operations extend from the cloud to the edge and Internet of Things, the digital attack surface has expanded exponentially and has become more complex to secure," he said. "Manual threat hunting or point security solutions are ineffective when managing or securing these new environments."

The purchase of enSilo comes as the endpoint security industry has already begun to consolidate. In 2019, Gartner listed 20 companies in its 2019 Magic Quadrant for Endpoint Protection Products, and some of those companies already have been acquired. HP hooked Bromium in September, VMware collected Carbon Black in August, BlackBerry bought Cylance in November 2018, and Thoma Bravo tossed Sophos a $3.9 billion bone this month. 

Behind the acquisitions are companies' desires to reduce the number of cybersecurity vendors on which they have to rely. In 2019, the share of companies that had reduced the number of vendors to 10 or fewer increased to 63%, from 54% in 2018, according to Cisco's "CISO Benchmark Study". One key factor is the desire to reduce the number of alerts produced by different products, the report stated.

"It's no surprise that alert management continues to pose challenges," Steve Martino, senior vice president, and chief information security officer of Cisco, said in a February 2019 blog post on the report. "That’s often because organizations are using multiple disparate security products that don't share alert data or help prioritize alerts via limited dashboards."

The survey of CISOs is not the only report to find that organizations are having more trouble responding to proliferating threats and complex IT security environments. Business analyst firm Enterprise Strategy Group estimates that three-quarters of firms find threat detection and response more difficult today than two years ago, primarily because of too many security tools that do not work together.

Fortinet pointed to such issues as a primary reason for its acquisition of enSilo. The problem, the firm maintained, is that as companies faced more threats, they bought more tools to the detriment of their security posture.

"The response by too many organizations ... has been to deploy multiple, siloed security products, the bulk of which is focused on prevention," the company said in a blog post announcing the enSilo acquisition. "But the truth is, 100% prevention is not possible. The result is a fragmented, complicated security architecture that can actually make detection and response more difficult."

The acquisition will allow Fortinet to target IoT environments, a growing market, the company said in the post. With operational technology increasingly being incorporated into enterprise networks, these devices need to be secured against online threats. 

"The hallmark of the modern network is the rapid expansion of the network edge," the company said. "New IoT and endpoint devices, bolstered by high performance, robust functionality, and new business applications, have expanded the potential attack surface. This in turn has raised the bar for having a fully integrated security solution that no longer operates in isolation and can extend visibility out to these emerging edges."

Related Content

 

This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15815
PUBLISHED: 2019-11-12
ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and earlier do not properly enforce access control and could allow an unauthorized user to access certain pages that require admin privileges.
CVE-2019-17360
PUBLISHED: 2019-11-12
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption.
CVE-2018-21026
PUBLISHED: 2019-11-12
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information.
CVE-2012-1572
PUBLISHED: 2019-11-12
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
CVE-2019-17234
PUBLISHED: 2019-11-12
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.