Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/19/2013
08:33 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

IBM To Acquire Trusteer

New IBM Cybersecurity Software Lab in Israel will focus on mobile and application security, counterfraud, and malware detection

ARMONK, NY, - 15 August 2013: IBM (NYSE: IBM) today announced a definitive agreement to acquire Trusteer, a leading provider of software that helps protect organizations against financial fraud and advanced security threats. The acquisition of Trusteer advances the investment IBM is making in cloud-delivered software and services. Financial terms were not disclosed.

As part of this announcement, IBM is forming a cybersecurity software lab in Israel that will bring together more than 200 Trusteer and IBM researchers and developers to focus on mobile and application security, advanced threat, malware, counter-fraud, and financial crimes. This lab is an addition to IBM's existing research and development facilities in Israel.

With offices located in Boston and Tel Aviv, Israel, Trusteer helps hundreds of organizations including many financial institutions protect Web applications, employee and customer computers, and mobile devices from threats. Cybercriminals are becoming increasingly efficient in creating and deploying attacks to bypass existing security controls.

Trusteer software can identify security threats that can be missed by traditional security software. For example, to help ensure that banking customers can safely transfer money on a mobile device, Trusteer software performs detection of malware that can infect a smartphone, enabling the bank to take steps to prevent fraudulent behavior and account takeover before the transaction occurs. Seven of the top 10 U.S. banks and nine of the top 10 U.K. banks use Trusteer's solutions to help secure customer accounts against financial fraud and cyber attacks.

"Trusteer's expertise and superior technology in enterprise endpoint defense and advanced malware prevention will help our clients across all industries address the constantly evolving threats they are facing," said Brendan Hannigan, General Manager, Security Systems Division, IBM. "Together with IBM's capabilities in advanced threat detection, analysis and remediation, we will now be able to offer our clients several additional layers of defense against sophisticated attackers."

"The way organizations protect data is quickly evolving," said Mickey Boodaei, CEO, Trusteer. "As attacks become more sophisticated, traditional approaches to securing enterprise and mobile data are no longer valid. Trusteer has helped hundreds of large banks and organizations around the world defeat thousands of sophisticated attacks using innovative solutions that combine intelligence, cloud, mobile, and desktop technologies."

Among the capabilities Trusteer will bring to the IBM security portfolio:

Security as a Service Delivered through the Cloud

Cloud-delivered security solutions by Trusteer will complement more than 100 Software as a Service (SaaS) solutions offered by IBM. In addition to traditional IT solutions, Trusteer leverages SaaS architecture to enable protected PCs, desktops, smartphones and tablets to rapidly adapt against emerging threats. Because Trusteer software can be delivered through the cloud, organizations can receive accurate, real-time updates on malicious activities and the latest threats, better protecting data from fraud and compromise.

Comprehensive Counter-Fraud and Advanced Persistent Threat (APT) Protection

Trusteer's cybersecurity protection can scale to help protect tens of millions of endpoints, including smartphones and tablets. One of the primary targets of malware attacks are consumer endpoints. Malware installed on a bank customer's PC or smartphone, for example, can generate fraudulent transactions. Additionally, malware and phishing can help attackers steal credentials and other personal data. Financial malware and fraudulent activity can be identified and removed using solutions from Trusteer.

The acquisition of Trusteer will complement IBM's advanced portfolio of counter- fraud software and services, including QRadar, i2, SPSS, InfoSphere and Enterprise Content Management. These capabilities offer predictive, content and investigative analytics to help prevent and solve cases of fraud for private and public sector organizations.

Helping to Secure Mobile Transactions

Of the top 25 US financial institutions, about half are offering mobile person-to-person transfers and mobile remote deposit capabilities, a figure that has more than doubled since 2011. This steady increase in adoption is putting the mobile channel in the crosshairs of account takeover attacks that are launched using credentials stolen from customers via phishing and malware attacks. Trusteer can help provide account takeover prevention, compromised device detection, complex device fingerprinting and a global fraudster database.

Cybersecurity Software Lab

IBM is also announcing that it will combine its Israeli software security research and development team along with Trusteer's research and development team in Tel Aviv to form an IBM Cybersecurity Software Lab. This lab will focus on mobile and application security, as well as advanced fraud and malware detection. Trusteer's research and global expertise in fraud intelligence and malware helps provide organizations with protection in a constantly evolving threat landscape. This is done by analyzing data gathered from more than 30 million endpoints, using data analytics to develop real-time, actionable intelligence that will be incorporated into IBM's security products and services.

About IBM Security

IBM provides the security intelligence to help organizations protect their people, data, applications and infrastructure. IBM operates one of the world's broadest security research and development organizations. IBM manages and monitors 15 billion security events every day for nearly 4,000 clients around the world and holds more than 3,000 security patents.

For more information on IBM security, please visit: www.ibm.com/security

To listen to a podcast by IBM and Trusteer's leadership discussing today's announcement, please visit http://securityintelligence.com/resources/ibm-announces-intention-to-acquire-trusteer

To view a short video by IBM and Trusteer's leadership discussing today's announcement, please visit: http://securityintelligence.com/resources/ibm-announces-intention-to-acquire-trusteer-video

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.