IBM Buys Watchfire to Bolster Security and Compliance Testing
June 11, 2007 Timothy Prickett Morgan
Big Blue likes Watchfire‘s AppScan security and compliance testing software so much that last week, rather than buy a lot more of its software, it went out an bought the whole company.
Increasingly, IBM thinks of itself less as a systems company and more as a provider of software and services, and it seems to like nothing better than a product or a strategy, like services oriented architecture (SOA) tools, that seems to do a little of both. IBM also likes security products that fill in gaps in IBM’s software product line, and the AppScan products not only fill in a missing piece in IBM’s security and compliance software offerings; they also provide a link between the Rational family of application development tools and the Tivoli family of systems management and security products.
The AppScan suite of tools were not developed by Watchfire, which was founded in 1996, but came to the company through the acquisition of a small software company called Sanctum in the summer of 2004. Watchfire’s own product, which is called WebXM, is an auditing tool for making sure companies are compliant with myriad government regulations that cover how information and applications are accessed by employees, partners, and customers. The AppScan suite is a complementary toolset in that they are used to find any security vulnerabilities in Web-style applications. IBM not only one of Watchfire’s 800 customers, but it was a partner that sold the product through its Global Services unit.
The financial details of the Watchfire acquisition were not disclosed, but IBM said that the 190 employees of the company would join its Rational tools division within its Software Group when the deal closes in the third quarter. This acquisition follows a much bigger move that IBM made last August, when it paid $1.3 billion in cash to buy security appliance maker Internet Security Systems.