NitroSecurity covers its bases with RippleTech deal

By Neil Roiter, Senior Technology Editor, Information Security magazine 16 Jul 2008 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In the course of completing the transaction, we became a lot more enamored with their database activity monitor too. Ken Levine, CEO, NitroSecurity

Yesterday's acquisition of log management and database monitoring vendor RippleTech Inc. by security incident and event management (SIEM) and intrusion prevention system (IPS) company NitroSecurity, appears to be a natural fit to answer the perennial questions about converging compliance, security and network operations.

• What's going on with my network, databases and applications?
• What inadvertent or malicious mischief are my users up to?
• Who's trying to do me harm?

When considered together, SIEM, database monitoring, and log management products go a long way in addressing these questions, but they have developed largely as disparate tools. Thankfully, corporations and their vendors are connecting the dots. In particular, log management products are becoming enormously popular, their sales driven largely by the Payment Card Industry Data Security Standard (PCI DSS). The database auditing and monitoring market has experienced healthy growth, which was also spurred by regulatory compliance.

SIEM solutions have focused primarily on security intelligence, and their market appeal has grown with the mounting demands of regulatory requirements, but they tend to be pricey and appeal mostly to large enterprises.

SearchSecurity radio:

With the acquisition of RippleTech's LogCaster (now NitroView LogCaster), Informant (now NitroGuard Database Monitor), and Enterprise Security Manager, NitroSecurity plans to offer an integrated suite based on its NitroView platform. The company plans to continue to offer each product separately.

Log management is a hot topic, as pure-play product and managed service vendors prosper, and SIEM companies add log management capabilities or, increasingly, separate products through development, partnerships or, as in this case, acquisitions.

"Log management was the primary reason we started talking," said NitroSecurity CEO Ken Levine. "In the course of completing the transaction, we became a lot more enamored with their database activity monitor too. It became 50-50, but it absolutely was 101% about logs. Our guys were walking away from log management deals all the time."

Levine said customers are often looking and budgeting for log management for compliance first, and SIEM, perhaps, second. So the ability to offer both as an integrated solution made sense.

NitroSecurity plans the integration in two phases. The first phase, in the short term, is to get the products to communicate, and the second phase is to get the products to pull reports into NitroView. Full integration is expected in about six months.

That integration isn't trivial. At their foundation, log management and SIEM tools have to share common engine capabilities, so they are using compatible collection, aggregation and normalization techniques. NitroSecurity will integrate LogCaster into its proprietary database to help accomplish the transition.

The combined offerings put NitroSecurity to compete more effectively with SIEM vendors like ArcSight, NetForensics, Intellitactics, OpenService and Cisco. NitroSecurity will also compete with log management companies such as SenSage, LogLogic and LogRhythm, and database monitoring firms such as Guardium, Imperva, Lumigent, Tizor Systems, Sentrigo and Symantec.

Tags: Network Intrusion Prevention (IPS),  Security Event Management,  Enterprise Data Governance,  Database Security Management,  Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Intrusion Prevention (IPS) Aligning network security with business priorities Best Intrusion Prevention and Detection Products Port scan attack prevention best practices Lesson 4: How to use wireless IPS Lesson 1 quiz: Risky business Hacker attack techniques and tactics: Understanding hacking strategies SIMs tools and tactics for business intelligence IPS and IDS deployment strategies I'll be watching you: Wireless IPS Know when you need IDS, IPS or both Network Intrusion Prevention (IPS) Research Security Event Management Network traffic collection, analysis helps prevent data breaches Best Security Information and Event Management Products Understanding PCI DSS compliance requirements for log management Data breach notification legislation: What info must be released? How to prevent a denial-of-service (DoS) attack Mature SIMs do more than log aggregation and correlation The top 5 network security practices SIMs tools and tactics for business intelligence SIEM: Not for small business, nor the faint of heart Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring? Enterprise Data Governance Creating an enterprise data protection framework Analyst DLP study finds maturity, ranks top DLP vendors Voltage, RSA spar over tokenization, data protection Twitter gets condemned by CISOs at Forrester forum PCI DSS compliance requirements: Ensuring data integrity Trustwave acquires data loss prevention vendor Vericept Data has become too distributed to secure, Forrester says Cloud-based security services should start private Compliance in the cloud How to write technology outsourcing contracts

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Diffie-Hellman key exchange  (SearchSecurity.com) intrusion prevention  (SearchSecurity.com) network behavior analysis  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary