In-Depth

Minding the Gap: Security Vendors Look to Plug Holes in Suite Offerings

Security vendors are stepping up their efforts to close the gap between security and operations

• By Stephen Swoyer
• 02/03/2009

A high-profile data breach at Heartland Payment Services might’ve snagged most of the information security ink lately, but -- notwithstanding the enormity of the Heartland breach (which industry watchers are calling the biggest kerfuffle to date) -- there’s plenty of other activity across the industry as a whole.

Consider a joint licensing agreement that both BigFix and Trend Micro announced recently. Although most licensing agreements draw big yawns, especially when viewed in isolation, considered in tandem with similar deals (and viewed as a consequence of a distinct industry trend), there’s no denying that the security landscape is changing. An increasing number of vendors -- McAfee, Sophos, Symantec, Trend Micro, and others -- are stepping up their efforts to close the gap between security and operations.

Their tactic: a one-stop shop for security administration.

We’ve already seen security players spend big money to shore up their offerings -- and develop full-fledged suites -- in the end-point market. Consider the case of Sophos, which last year spent $340 million for endpoint security specialist Ultimaco Safeware (see http://esj.com/security/article.aspx?EditorialsID=3285).

The BigFix-Trend Micro agreement, for its part, is the reverse of that coin: an endpoint suite player (BigFix) partnering with an established security giant (Trend Micro) to plug a hole in its endpoint stack. It’s also a case of BigFix seeing the Big Picture: it plans to license Trend Micro’s malware detection to new customers -- in place of its existing CA offering -- which officials believe will broaden the appeal of BigFix’s Endpoint protection module in enterprise environments. Trend Micro, for its part, will build BigFix 's client and management infrastructure into a special version of its Officescan product.

Industry watchers cite synergies aplenty for both companies.

“The addition of the BigFix infrastructure will help Trend Micro improve its management capability for large enterprises as well as provide a security and operations integration story that can counter the threat from competitors,” writes Gartner analyst Peter Firstbrook in a research blast. “It also will enable Trend Micro customers to benefit from more proactive procedural security measures such as asset discovery, vulnerability detection, patching and security configuration management, as well as improve its ability to rapidly replace competitors and to manage a multivendor environment.”

Firstbrook sees the deal as of a piece with an emerging trend toward the integration and convergence of security and operations. In the case of BigFix and Trend Micro, he concedes, the trend is less pronounced than -- for example -- that of Sophos and Ultimaco Safeware, where $340 million was at stake. In fact, IBM Corp. and Big Fix are rumored to be announcing a similar relationship later this year, Firstbrook points out.

“Trend Micro is only tepidly embracing this integration by only reselling the patch management module. Trend Micro customers that want to adopt other BigFix operations functions must obtain them through the BigFix channel,” he says. “Technology licensing will enable Trend Micro to continue to focus on malware detection and remediation without the distraction of corporate integration; however, it also leaves the door open for future disruption should Trend Micro seek a new approach for delivering operations integration.”

The irony, says Firstbrook, is that Trend Micro and other malware detection players could soon find themselves the odd vendors out. “Trend Micro could face account ownership issues as customers rely on more BigFix operations modules and begin to see malware as the commodity component,” he concludes.