Hoping to provide customers with a more robust defense against Web 2.0-based attacks, antivirus and firewall vendor Grisoft Inc. announced Wednesday that it will acquire Exploit Prevention Labs, the company founded two years ago by industry heavyweights Roger Thompson and Bob Bales.
Financial terms of the deal are not being disclosed, but Grisoft Managing Director Rick Carlson said Tuesday that most of Exploit Prevention Labs' 18 employees -- including Thompson, Greg Mosher and Chris Weltzien -- will join Grisoft. Thompson will become chief research officer, Greg Mosher, vice president of engineering and Chris Weltzien, vice president of business development. The deal is expected to be finalized by Dec. 31.
Carlson said the acquisition will allow Grisoft to advance beyond the so-called safe surfing initiatives of other antivirus vendors who have focused on database-driven defenses. That line of defense, he said, is incompatible with the dynamic, elusive nature of today's threats. Exploit Prevention Labs will give Grisoft an extra advantage because of its experience in real-time attack analysis and defenses designed to thwart Web 2.0-style attacks.
"We saw some specific developments that made this [acquisition] mandatory, mainly the fact that Web 2.0-based attacks represent the biggest security problem out there today," he said. "If you look at how the Alicia Keys and Al Gore Web sites have been hacked and how more Web sites are being used to hide malware, this is an accelerating problem and Exploit Prevention Labs' technology is currently the only reasonable solution on the market."
Headquartered in the Czech Republic, Grisoft claims to be the world's fourth-largest antivirus vendor, specializing in antivirus and firewall products for the consumer and the small and midsize business markets. Its products are distributed globally through some 12,000 resellers, the Internet and via its AVG Anti-Virus Software Developer's Kit. Grisoft is a private company, its investors include Intel Corp.'s venture arm Intel Capital, and it is best know for its AVG product line.
New Kingstown, Pa.-based Exploit Prevention Labs is known for its LinkScanner product line, billed as safe surfing software and services. The company was founded by Thompson and Bales in 2005.
Short-term product integration plans include adding LinkScanner technology to AVG Anti-Virus Free and offering LinkScanner Online, a free on-demand URL scanning service, directly from the AVG Web site. Grisoft also plans to maintain LinkScanner Pro, Exploit Prevention Labs' flagship product, as a standalone offering.
Thompson said acquisitions like this are essential if the security community is to beat back increasingly menacing Web 2.0 threats.
"Web exploits are a dynamic problem that requires a real-time solution," he said. "In today's Web 2.0 world of user-generated content and hyperlinked-everything, a Web page can be safe one minute and dangerous the next. This is the emerging battleground. The more functional you make a site or application, the less secure it is."
The acquisition reflects a larger trend of consolidation in the IT security market, as standalone security vendors struggle to survive and big IT infrastructure providers use acquisitions to integrate more security into its product development lifecycles.
Grisoft's move to expand its ability to tackle Web 2.0 threats mirrors that of such vendors as Websense Inc., which acquired PortAuthority Technologies Inc. late last year for $90 million in an effort to shore up its Web 2.0 security capabilities.
Others have been looking to latch into the growing hunger for data protection products. In October, for example, McAfee Inc. announced its acquisition of data encryption and access control vendor SafeBoot Corp. for $350 million.