Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2019
05:35 PM
50%
50%

Fortinet Bolsters Endpoint Security with enSilo Acquisition

As companies reduce their vendor count, consolidation will likely continue to accelerate in the next year.

Network and software security firm Fortinet (NASDAQ: FTNT) has acquired privately held endpoint detection and response firm enSilo in an effort to push its security solutions to the edge of corporate IT environments, Fortinet announced on October 28.

The deal, whose terms were not disclosed, will allow Fortinet to offer agent-based software and services aimed at automating real-time threat detection, speeding response, and secure Internet of Things (IoT) devices, according to the company's statement. The acquisition also continues the consolidation in the cybersecurity industry driven by companies' need to simplify. 

Businesses are seeing more complex threat landscapes and need simpler ways of securing their networks and endpoints, Ken Zie, CEO and founder of Fortinet, said in a statement. "As businesses become more networked and operations extend from the cloud to the edge and Internet of Things, the digital attack surface has expanded exponentially and has become more complex to secure," he said. "Manual threat hunting or point security solutions are ineffective when managing or securing these new environments."

The purchase of enSilo comes as the endpoint security industry has already begun to consolidate. In 2019, Gartner listed 20 companies in its 2019 Magic Quadrant for Endpoint Protection Products, and some of those companies already have been acquired. HP hooked Bromium in September, VMware collected Carbon Black in August, BlackBerry bought Cylance in November 2018, and Thoma Bravo tossed Sophos a $3.9 billion bone this month. 

Behind the acquisitions are companies' desires to reduce the number of cybersecurity vendors on which they have to rely. In 2019, the share of companies that had reduced the number of vendors to 10 or fewer increased to 63%, from 54% in 2018, according to Cisco's "CISO Benchmark Study". One key factor is the desire to reduce the number of alerts produced by different products, the report stated.

"It's no surprise that alert management continues to pose challenges," Steve Martino, senior vice president, and chief information security officer of Cisco, said in a February 2019 blog post on the report. "That’s often because organizations are using multiple disparate security products that don't share alert data or help prioritize alerts via limited dashboards."

The survey of CISOs is not the only report to find that organizations are having more trouble responding to proliferating threats and complex IT security environments. Business analyst firm Enterprise Strategy Group estimates that three-quarters of firms find threat detection and response more difficult today than two years ago, primarily because of too many security tools that do not work together.

Fortinet pointed to such issues as a primary reason for its acquisition of enSilo. The problem, the firm maintained, is that as companies faced more threats, they bought more tools to the detriment of their security posture.

"The response by too many organizations ... has been to deploy multiple, siloed security products, the bulk of which is focused on prevention," the company said in a blog post announcing the enSilo acquisition. "But the truth is, 100% prevention is not possible. The result is a fragmented, complicated security architecture that can actually make detection and response more difficult."

The acquisition will allow Fortinet to target IoT environments, a growing market, the company said in the post. With operational technology increasingly being incorporated into enterprise networks, these devices need to be secured against online threats. 

"The hallmark of the modern network is the rapid expansion of the network edge," the company said. "New IoT and endpoint devices, bolstered by high performance, robust functionality, and new business applications, have expanded the potential attack surface. This in turn has raised the bar for having a fully integrated security solution that no longer operates in isolation and can extend visibility out to these emerging edges."

Related Content

 

This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.