Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/30/2009
06:16 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

IBM Buys Database Security Company

By purchasing Guardium, IBM is strengthening its ability to sell to healthcare and financial companies.

IBM on Monday said that it has acquired Guardium, a computer security company focused on real-time database monitoring and protection for large companies.

The deal marks IBM's sixth acquisition and its second purchase of a security company this year. Financial terms were not disclosed.

IBM intends to use Guardium's database monitoring technology to help companies safeguard their internal data and to automate certain tasks required for regulatory compliance.

The software and services giant characterizes the acquisition as an extension of its business analytics strategy, which revolves around the company's Business Analytics and Optimization Consulting organization.

IBM plans to integrate Guardium into its Information Management Software portfolio.

"Organizations are grappling with government mandates, industry standards and business demands to ensure that their critical data is protected against internal and external threats," said Arvind Krishna, general manager of IBM Information Management practice in a statement. "This acquisition is another significant step in our abilities to help clients govern and monitor their data, and ultimately make their information more secure throughout its lifecycle."

Concerns about hackers and cybercrime play a role in the deal, but Gartner Research VP Avivah Litan says the Guardium acquisition has more to do with compliance than with security.

"The truth is compliance is what sells security," she said.

Litan expects that the Guardium deal will help IBM sell compliance solutions to healthcare and financial companies.

"It gives them software they they need to sell into those markets," she said.

Nonetheless, Litan praises the effectiveness of Guardium's technology, which can keep an eye on what database administrators are doing.

"It's very effective in certain situations," she said. "It excels at privilege-use monitoring."

InformationWeek has published an in-depth report on e-health and the federal stimulus package. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25250
PUBLISHED: 2021-04-13
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privil...
CVE-2021-25253
PUBLISHED: 2021-04-13
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to exec...
CVE-2021-28645
PUBLISHED: 2021-04-13
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target ...
CVE-2021-28646
PUBLISHED: 2021-04-13
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.
CVE-2021-28647
PUBLISHED: 2021-04-13
Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program.