News Stay informed about the latest enterprise technology news and product updates.

IBM to acquire database security firm Guardium

Deal reportedly worth $225 million.

IBM is expected to announce the acquisition of database security vendor Guardium Inc. for $225 million.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Founded in Israel, the Boston-based firm was started in 2002 and has about 60 employees. The deal was reported Friday in the Israeli financial newspaper TheMarker.

Guardium's SQL Guard appliance monitors and manages connections to and from a wide variety of enterprise database products. The company's line of Linux-based appliances ensures a system of checks and balances between the security and database engineering teams by bypassing native database logging features.

Database activity monitoring:
Compliance, data breaches heighten database security needs: Experts say database platforms lack robust native encryption, monitoring, assessment and management tools to meet demanding new security requirements. 

NitroSecurity covers its bases with RippleTech deal
: NitroSecurity Inc. will integrate log management and database activity monitoring with security incident and event management (SIEM). 

The database activity monitoring (DAM) software hosted on the appliance consists of local database agents, network-based appliances to passively gather traffic or to actively work as a firewall, and aggregation servers that collect and analyze data. Guardium is a subsidiary of Israel's Log-On Software.

Database activity auditing and monitoring technologies give companies reports from vast amounts of activity logs collected daily. In addition to Guardium, other vendors include Application Security Inc., Embarcadero Technologies Inc., Imperva Inc., IPLocks Inc., Lumigent Technologies Inc., Sentrigo Inc. and Symantec Corp.

Adrian Lane, an independent consultant at Securosis, a security practice based in Phoenix, Ariz. said the economy has created opportunities for large vendors to acquire smaller start-ups. The DAM market has been undergoing consolidation, he said. Data warehouse and analytics vendor Netezza Corp. acquired Tizor Systems Inc. in March. Last year, database monitoring vendor RippleTech Inc. was acquired by security incident and event management (SIEM) and intrusion prevention system (IPS) company NitroSecurity Inc.

In an interview with Lane said he expects further consolidation as many of the companies have reached their full revenue potential within the market.

"There are other companies out there interested in the technology, but it depends whether or not the remaining vendors meet their architecture and feature requirements," Lane said. "This market is mature with vendors offering a broad range of compliance and security policies built-in. They've proven they can integrate within workflow and trouble ticketing systems."

Lane said Guardium may have been attractive to IBM because it is one of the only firms that supports mainframe monitoring. The price Big Blue paid -- $225 million -- is surprising and could reflect that it was bidding against other competitors, he said.

Dig Deeper on Database Security Management-Enterprise Data Protection

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.