McAfee Inc. plans to acquire Solidcore Systems Inc. in a $47 million deal that would add whitelisting technology to McAfee's software to protect embedded systems such as ATMs and point of sale devices.
To get security news and tips delivered to your inbox,
Solidcore sells dynamic whitelisting technology, which ensures that only good executable code can run on protected systems. The technology is used to protect servers, endpoints, embedded devices and mobile devices. It is used in many ATM's, point-of-sale terminals and Supervisory Control and Data Acquisition (SCADA) systems.
According to the terms of the deal, McAfee will pay $33 million in cash up front for Solidcore and an additional $14 million if certain financial targets are met. McAfee said it would incorporate Solidcore into its Risk and Compliance business unit.
The value of application whitelists: Although some may find Windows Vista's User Account Control feature annoying, it is really a variation of a security mechanism that is now re-emerging: the application whitelist.
Symantec CEO preaches new security model: In his first RSA Conference keynote as Symantec Corp.'s CEO, Enrique Salem made the case for an integrated approach to information security.
Whitelisting technology narrows the scope of many embedded systems to ensure that an attacker can't install malicious code, said Phil Hochmuth, a senior analyst at the Yankee Group.
"Whitelisting ensures the only thing those devices are doing are exactly the services you want to deliver," Hochmuth said. "In some ways, it should be more of a feature or component of a larger security product or offering as opposed to a stand alone type of technology."
Whitelisting has gained some prominence in recent years as some have sought an alternative to traditional antivirus software, said Andrew Braunberg, enterprise software and security research director at CurrentAnalysis Inc. Braunberg said Microsoft has seen the benefits of whitelisting. Solidcore competitor SignaCert is working with Microsoft to exchange whitelist methods for application developers to make sure any application running on top of Windows could be checked for integrity before it is run. Symantec said it would also use whitelisting in the upcoming version of its Norton antivirus software to improve performance.
"This is a good play for McAfee with PCI driving lot of security spend right now," Braunberg said. "It's also another sign that whitelisting is becoming more mainstream."
McAfee said combining whitelisting with its blacklisting features adds real-time enforcement. In addition Solidcore offers File Integrity Monitoring (FIM) technology for Payment Card Industry Data Security Standards (PCI DSS) compliance. The technology could be used to ensure that companies maintain compliance.
McAfee said the acquisition will also result in new configuration management software as well as additional capabilities to secure virtual environments. In April, Solidcore released whitelisting that supports Microsoft Hyper-V. The technology can also be used in VMware implementations.
"Solidcore's industry-leading compliance and protection solutions will extend the current McAfee security portfolio beyond signature-based anti-malware with the addition of dynamic whitelisting and application trust technology," Dave DeWalt, president and chief executive officer, McAfee said in a statement.