Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

PatchLink Buys SecureWave

Deal merges endpoint security with patch management, vulnerability assessment

PatchLink yesterday acquired endpoint security vendor SecureWave, paving the way for a combined offering that might make it easier for enterprises to manage client security.

Terms of the all-stock deal between the two private companies were not disclosed.

SecureWave's Sanctuary is a policy enforcement suite that uses whitelisting to enable only authorized applications to run and only authorized devices to connect to laptops, PCs, or servers. These capabilities, combined with PatchLink’s patch and vulnerability management products, will make it easier to proactively enforce application and device security policies and automatically patch and remediate vulnerabilities across an entire IT infrastructure, the partners say.

"The key phrase we're using is 'unified protection and control,' " says Dennis Szerszen, senior vice president at SecureWave. "Most of our customers have a number of different security agents they're using at the client, from antivirus to security control to vulnerability assessment. One of the things we can do [in this merger] is try to flatten the desktop infrastructure and deliver one unified agent, and maybe one console for managing policy."

PatchLink offers tools for assessing vulnerability at the endpoint and patching it, the partners say. SecureWave offers tools for protecting the endpoint from unauthorized access and enforcing security policy at the client. Together, the two companies could create a suite of tools to help enterprises find the weaknesses in their endpoints, patch or protect them, then ensure that end users continue to follow security policies, they say.

Collectively, the two companies already have nearly 5,000 customers, and their products protect some 14 million endpoints, the executives say. The companies have virtually no overlap between their product lines, and both rely heavily on the reseller channel for most sales.

Together, the two companies also have significant security management capabilities, but the combined organization has no plans to compete with security information management vendors, Szerszen says. (See A Multitude of SIMs.)

"What they are doing is event management and correlation, and that's not what we're talking about here," he states. "We're focused on security management from a policy enforcement perspective."

The deal is subject to the approval of SecureWave shareholders and is expected to be completed "in coming weeks," the partners say.

— Tim Wilson, Site Editor, Dark Reading

  • PatchLink Corp.
  • SecureWave S.A.

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: Our Endpoint Protection system is a little outdated... 
    Current Issue
    The Year in Security: 2019
    This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
    Flash Poll
    Rethinking Enterprise Data Defense
    Rethinking Enterprise Data Defense
    Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2019-10694
    PUBLISHED: 2019-12-12
    The express install, which is the suggested way to install Puppet Enterprise, gives the user a URL at the end of the install to set the admin password. If they do not use that URL, there is an overlooked default password for the admin user. This was resolved in Puppet Enterprise 2019.0.3 and 2018.1....
    CVE-2019-10695
    PUBLISHED: 2019-12-12
    When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user�s username and password were exposed in the job�s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the ...
    CVE-2019-5085
    PUBLISHED: 2019-12-12
    An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability.
    CVE-2019-5090
    PUBLISHED: 2019-12-12
    An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger this vulner...
    CVE-2019-5091
    PUBLISHED: 2019-12-12
    An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability.