NitroSecurity covers its bases with RippleTech deal

By Neil Roiter, Senior Technology Editor, Information Security magazine 16 Jul 2008 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In the course of completing the transaction, we became a lot more enamored with their database activity monitor too. Ken Levine, CEO, NitroSecurity

Yesterday's acquisition of log management and database monitoring vendor RippleTech Inc. by security incident and event management (SIEM) and intrusion prevention system (IPS) company NitroSecurity, appears to be a natural fit to answer the perennial questions about converging compliance, security and network operations.

• What's going on with my network, databases and applications?
• What inadvertent or malicious mischief are my users up to?
• Who's trying to do me harm?

When considered together, SIEM, database monitoring, and log management products go a long way in addressing these questions, but they have developed largely as disparate tools. Thankfully, corporations and their vendors are connecting the dots. In particular, log management products are becoming enormously popular, their sales driven largely by the Payment Card Industry Data Security Standard (PCI DSS). The database auditing and monitoring market has experienced healthy growth, which was also spurred by regulatory compliance.

SIEM solutions have focused primarily on security intelligence, and their market appeal has grown with the mounting demands of regulatory requirements, but they tend to be pricey and appeal mostly to large enterprises.

SearchSecurity radio:

With the acquisition of RippleTech's LogCaster (now NitroView LogCaster), Informant (now NitroGuard Database Monitor), and Enterprise Security Manager, NitroSecurity plans to offer an integrated suite based on its NitroView platform. The company plans to continue to offer each product separately.

Log management is a hot topic, as pure-play product and managed service vendors prosper, and SIEM companies add log management capabilities or, increasingly, separate products through development, partnerships or, as in this case, acquisitions.

"Log management was the primary reason we started talking," said NitroSecurity CEO Ken Levine. "In the course of completing the transaction, we became a lot more enamored with their database activity monitor too. It became 50-50, but it absolutely was 101% about logs. Our guys were walking away from log management deals all the time."

Levine said customers are often looking and budgeting for log management for compliance first, and SIEM, perhaps, second. So the ability to offer both as an integrated solution made sense.

NitroSecurity plans the integration in two phases. The first phase, in the short term, is to get the products to communicate, and the second phase is to get the products to pull reports into NitroView. Full integration is expected in about six months.

That integration isn't trivial. At their foundation, log management and SIEM tools have to share common engine capabilities, so they are using compatible collection, aggregation and normalization techniques. NitroSecurity will integrate LogCaster into its proprietary database to help accomplish the transition.

The combined offerings put NitroSecurity to compete more effectively with SIEM vendors like ArcSight, NetForensics, Intellitactics, OpenService and Cisco. NitroSecurity will also compete with log management companies such as SenSage, LogLogic and LogRhythm, and database monitoring firms such as Guardium, Imperva, Lumigent, Tizor Systems, Sentrigo and Symantec.

Tags: Network Intrusion Prevention (IPS),  Security Event Management,  Enterprise Data Governance,  Database Security Management,  Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Intrusion Prevention (IPS) Lesson 1 quiz: Risky business Hacker attack techniques and tactics: Understanding hacking strategies SIMs tools and tactics for business intelligence IPS and IDS deployment strategies Know when you need IDS, IPS or both Trend Micro to acquire Third Brigade for virtualization, cloud security What are the best practices for IPS implementation? Host-based intrusion prevention addresses server, desktop security Intrusion detection vs. intrusion prevention IBM announcements mark two years of ISS marriage Network Intrusion Prevention (IPS) Research Security Event Management Mature SIMs do more than log aggregation and correlation SIMs tools and tactics for business intelligence SIEM: Not for small business, nor the faint of heart Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring? Tying log management and identity management shortens incident response How to estimate log generation rates SANS Log Management Survey is "Looking for the ROI" Review system event logs with Splunk Virtual network tool gives firm view into virtualized environment Mining enterprise SIM logs for relevant security event data Enterprise Data Governance Risk management must include physical-logical security convergence Simple information security mistakes can cause data loss, says expert Organizations struggle with data leakage prevention, rights management Encryption in data management should never be ignored, expert says Attackers cash in on fundamental data handling mistakes, Verizon finds Data loss prevention benefits in the real world Mass., Nev. data protection laws wrong, ineffective Cybersecurity hearing highlights inadequacy of PCI DSS Enforcing a vendor risk assessment to avoid outsourcing security risks How to Secure Cloud Computing

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Diffie-Hellman key exchange  (SearchSecurity.com) intrusion prevention  (SearchSecurity.com) network behavior analysis  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary