Security customers are asking their vendors for more new features for their existing products at little or no cost as they struggle to balance smaller or flatter budgets with ongoing compliance requirements and a constantly changing threat landscape.

Several vendors at last week's RSA Conference acknowledged that many of their customers, now faced with tightening budgets and, in some cases, loss of manpower from layoffs, are asking for freebie feature upgrades to their existing installed security tools. And the vendors are obliging to hold onto their customer base and survive the downturn.

"It's a buyers' market," says Nick Selby, vice president and research director at The 451 Group. "About eight months ago, simultaneous with the real market crash, [large] customers started demanding more from their vendors. By now, even the less proactive customers are holding vendors' feet under the fire."

Selby says organizations are asking for a higher level of support and additional features. "In larger organizations, they are demanding and getting concessions from vendors for free software, free gear, upgrades, and more seats," says Selby, who declined to name those organizations. "This is absolutely a trend."

Some of the announcements at RSA were about new, free features for existing tools. IBM ISS was one vendor last week that announced major upgrades to some of its security gear at no extra cost to its existing customers. Among a series of product announcements, IBM rolled out a Web application firewall feature for its Proventia IPS products that combines IBM's Rational AppScan vulnerability scanner and the Web application firewall. John Pirc, senior product manager for IBM ISS's network business line, says intrusion prevention systems (IPSes) are evolving into more inline devices mainly due to regulatory pressures.

It's not a "rip and replace" situation anymore for organizations, Pirc says. "They are trying to reduce appliance sprawl," he says. "You will see us add more features to it."

The IPS, which historically has been slammed by some security experts as a dead-end technology, is enjoying a resurgence as a multifunction network device. "It provides value and a big bang for the buck," The 451 Group's Selby says.

He says most vendors had previously been offering and negotiating special deals with some customers on an ad hoc basis, but the more sweeping upgrades announced during the past week aimed at all existing customers "is a sign of the times."

The downward pressure on the price of endpoint solutions, for instance, is helping customers score some good deals, as well. Endpoint commoditization by Google and Symantec, for example, is making the per-seat price very low, Selby says. "There's real downward pressure on the mainstays of security," he says.

Paul Zimski, vice president of solution marketing for Lumension Security, says these days the firm's customers are looking for ways to save money and be more productive in their security operations. And Lumension is looking at more ways to deliver that: "This is the time to stay entrenched -- and to bring in new technologies," Zimski says. "Our long-term plan is to upgrade features and modules...The endpoint will be the delivery mechanism for other services.

"I believe strongly that customers are looking to consolidate solutions and IT investment anywhere they possibly can right now. It's going to be important that vendors be aggressive in delivering incremental value by providing additional capabilities and modules to existing platforms."

Lumension's big news at RSA was that it had signed a deal to purchase Securityworks, a Dallas-based provider of compliance and risk management solutions. Shavlik Technologies, meanwhile, announced it had added Sunbelt Software's VIPRE antivirus and antispyware engine to its patch management product, Shavlik NetCk Protect 7. The company says it will provide that upgrade to its existing NetCk Protect customers "at very little or no additional cost."

For security vendors, "It's a matter of treading water and riding this out," The 451 Group's Selby says. Selby is also bullish on security mergers and acquisitions: "It's a fantastic time to buy security assets," he says. "Vendors are looking for opportunities to grow, and there are tremendous opportunities."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.