What the Watchfire-Sanctum acquisition means for Web app security
This article is part of the September 2004 issue of Information Security magazine
Last month's acquisition of Web security vendor Sanctum by Watchfire has all the markings of a fire sale. On paper, the deal allows Watchfire to complement its suite of Web developer tools with Sanctum's Web security solutions, creating a well-rounded Web application testing suite. Behind the scenes, however, unconfirmed reports of Sanctum's sub-$50 million sale price demonstrate just how soft the Web application security market is. It also serves as a warning to other security companies and their backers. Sanctum invented the Web app security space in the mid-'90s with its firewall, AppShield, and scanner, AppScan, foreseeing the need for better application-layer security for Web environments. But the market has been mediocre at best, even with the entrance of competitors such as Teros, Kavado and SPI Dynamics. This isn't to say that Web app security risks aren't real. The attack techniques are well-documented: SQL injection, cookie poisoning and hidden form-field manipulation, to name a few. The Internet is littered with ...
Features in this issue
Despite heightened post-9/11 security awareness, the U.S. is exposed to numerous critical infrastructure threats.
Emerging Web app security services and products bring source code vulnerabilities to light, writes James C. Foster.
Offshoring is good for business, but lax security practices can torpedo your investment.
Columns in this issue
Would you tell your enterprise security secrets if you could hear others? Lawrence Walsh explains why he thinks communication in the security field is lacking.
Measuring risk and forming best practices rely on learning from past experiences. Analyst Jay Heiser explains how security tactics of the past echo in today's world.
Do you rush to deploy patches, hot fixes or service packs as soon as possible? Victor Garza explains why this may not necessarily be the right decision.
See why Watchfire's acquisition of Sanctum does not spell the end for web app security.
The information security officer will soon go the way of the dodo bird.