Imperva has acquired three firms and added cloud DDoS mitigation technologies to its product offering.
The company announced last night that it will acquire Incapsula and Skyfence as well as the software assets of Tomium.
According to the company, the acquisition of Skyfence will see the addition of security for internal corporate applications which are moving to software-as-a-service (SaaS) delivery models. Skyfence offers a solution to provide user fingerprinting technology to profile normal user behaviour and detect anomalies that could indicate cyber attacks or inside threats.
Secondly, Imperva has agreed in principle to acquire the remaining shares of cloud-based web application security company Incapsula. This will offer security for external-facing production through an application-aware global cloud delivery network (CDN) platform and provide websites and web applications with best-of-breed security, DDoS protection, load balancing and failover solutions.
The third acquisition sees Imperva acquire real-time mainframe security auditing agents from Tomium Software. Tomium’s software monitoring agents stream real-time audit data to the Imperva SecureSphere platform, and the acquisition will natively integrate the Tomium technology into the SecureSphere platform to unify auditing, reporting and real-time monitoring across heterogeneous platforms.
Finally, Imperva also announced the release of the SecureSphere web application firewall for Amazon Web Services (AWS). This allows users to replicate their existing on-premise security controls as they migrate to the cloud as WAF instances are created and moved along with the applications they protect, including across Availability Zones, allowing for fast deployment of large enterprise-scale environments with minimal operational overhead.
Shlomo Kramer, CEO of Imperva, said: “Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognised that cloud delivery would change the web application security landscape.
“In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data centre security and compliance. We are investing in this space early to put us in the best position possible to help new and existing customers.”
Dan Hoffmann, director of product management at Tomium Software, said: “We have been working closely with Imperva since 2010 and we are thrilled to join the team. We look forward to accelerating our development of new products and natively integrating z/OS security data into Imperva’s SecureSphere.”
Bob Tarzey, analyst and director at Quocirca, told IT Security Guru that the decision to move into DDoS mitigation was interesting, as they are usually offered as “emergency” concepts or as a hybrid approach.
He said: “Mitigating denial of service needs to happen at multiple network levels; the problem may be a low level network DDoS attack or a more insidious higher level application attack. Cloud based services for DDoS mitigation such as DOSarrest and Akamai are offered up in emergencies, so when the attack happens you divert traffic.
“Other vendors such as the Arbor and Corero would say you should have permanent on-premise defences in place, but they too have cloud offerings, so can take a hybrid approach. The message being, ‘if our service providers defend themselves and their customers against DoS, then we should have le
ss (but not nothing) to worry about downstream’.
“So it looks like Imperva is recognising the need to need to offer a cloud-based service and also that both this and its on-premise devices should be part of the fight against the growing DoS problem. The interesting point here is that we are all potential victims, attackers may have no interest at all in a given organisation, but first, if it uses cloud infrastructure/application services, it may just suffer collateral damage from an attack on someone else.”
