Symantec buy SecurityFocus

ecksor

--SNIP--
FYI

Symantec to Acquire SecurityFocus

Offers Most Complete Security Early Warning System Available

CUPERTINO, Calif. - July 17, 2002 - Symantec Corp. (Nasdaq: SYMC) today announced the acquisition of SecurityFocus for approximately US$75 million in cash. With this acquisition, Symantec will offer customers the most comprehensive, proactive early warning system across the broadest range of threats. The transaction is expected to close by early to mid-August 2002.

"SecurityFocus has established the most respected security community and developed one of the leading early warning systems for customers around the world," said John W. Thompson, Symantec chairman and chief executive officer. "This acquisition will broaden Symantec's leadership in Internet security response with the addition of the world's first global threat management system, the most complete vulnerability database and customizable alert services."

"We have developed our global threat management systems to provide customers with timely and actionable information relevant to their individual networks," said Arthur Wong, SecurityFocus co-founder and chief executive officer. "Combined with Symantec's world-class antivirus expertise, industry-leading intrusion detection solutions and back-end infrastructure, we can rapidly deploy the most comprehensive threat management solutions to our global customers worldwide."

SecurityFocus has developed the world's most comprehensive and up-to-date database of vulnerabilities available. Symantec will continue to license the Vulnerability Database to security product vendors, managed service providers and other organizations that use it to create powerful new security products and services for their customers.

In addition, Symantec will continue to manage the Bugtraq mailing list and the online security community under the SecurityFocus brand. It will continue to offer a forum for objective reporting by security experts on the latest IT threats and attacks as well as how to prevent security breaches.

Symantec will also leverage the DeepSight line of global threat management solutions. The DeepSight Threat Management System provides early warning of attacks along with specific threat and patch information allowing companies to proactively protect their networks. More than 15,000 partners in more than 175 countries are registered to automatically provide a constant stream of security data that is correlated and analyzed to identify active attacks.

DeepSight Analyzer gives IT professionals the ability to track and manage incidents on their own networks by automatically correlating attacks from a multitude of intrusion detection solutions. The product manages threats by comparing incidents on their network against the Vulnerability Database, tracking attacks to resolution and generating statistical incident reports. Using information about suspicious network traffic and intrusions submitted by anonymous users, SecurityFocus identifies patterns in attacks that help serve as a threat-gauging system for the Internet community.

By monitoring almost 11,000 distinct versions of more than 2,700 products from 1,300 vendors, SecurityFocus provides proactive, customized alert services for environment-specific vulnerabilities and malicious code alerts. DeepSight Alert Services can be configured to ensure that customers receive only alerts that are relevant to their networks, enabling them to deploy patches or work-arounds before vulnerabilities can be exploited.
-- SNIP --

flamegrill

Yeah i saw that in an email today...

<snip eile>

Today, SecurityFocus and Symantec announced that Symantec is acquiring
SecurityFocus. Symantec sees real value in the services SecurityFocus
provides to its customers and believes they are an excellent fit with
their current offerings. We at SecurityFocus see this as an opportunity to
provide even better services in the future.

Symantec is also cognizant of the value and uniqueness of the public
services SecurityFocus provides to the community, such as the numerous
mailing lists we host and the content we provide via SecurityFocus Online.

In short this means the lists you are reading this will remain as is given
Symantecs commitment to the future growth and health of the community we
have all built here.

Cheers,
-al

VP Engineering
SecurityFocus
"Vae Victis"


</snip eile>

i'm not 100% sure if thats a good thing. How do you feel about it ecksor or anyone else for that matter?

ecksor

I think that Symantec having early access to vulnerability information is a conflict of interest. [*]

*shrug*, you can't always know what's vulnerable on your network anyway, and you have to think accordingly anyway, but it's nice if you do know. And I guess you get what you pay for.

Anyway, I just subscribe to vulnwatch, full-disclosure, securesoftware and anything else that's likely to get information.

[*] Of course, many would say there was a conflict anyway, and they might be right.

ego

[*] Of course, many would say there was a conflict anyway, and they might be right.

As soon as sf started providing services like ARIS and SIA, the conflicts began, imho.

I've seen posts to vulnwatch (cc: bugtraq) take 8 hours to appear on the bugtraq mailing list. Considering they are basing a service on disclosed information provided by the community, I don't see why there should be preferential treatment for subscribers to their own services (SIA subs would receive the alerts before joe public).

"Snoohie coochie boochie." - Jay.