Web App Security Heats Up

And by that, we mean M&A and consolidation, as HP looks to buy following IBM's purchase of Watchfire

June 7, 2007

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

5:00 PM -- Yep, Web app security is now officially on the big guys' radar screens. IBM's announcement yesterday of its plans to acquire Web application testing company Watchfire was just the spark that could fire up this space. (See IBM to Enter Web App Security.)

Then came rumors of HP snapping up SPI Dynamics, one of Watchfire's biggest rivals. Neither HP nor SPI would comment on it, but sources close to the companies say they expect HP or another big name to come knocking at SPI's door.

The 451 Group says SPI officials told them they have been in acquisition talks with several companies, including HP and Microsoft. "We have heard that HP may make an offer for SPI," says Nick Selby, a senior analyst with The 451 Group.

Either way, HP and Microsoft just can't sit on the fence in Web app security anymore. "The Web app pen testing space has been waiting to take off for the last five years," Selby says. "This [IBM] acquisition highlights the fact that enterprises are actually waking up to" the vulnerabilities in their Web-based apps.

Matthew Moynahan, CEO of startup Veracode, which offers security scanning services for software, believes the IBM deal was only the first. "This acquisition and further acquisitions to come in the tools space will continue to validate and raise awareness in our core marketplace -- and continue to illustrate that the problems associated with securing code extend well beyond tools' capabilities to solve it."

Moynahan points out that Veracode and other industry estimates show that application security is only about 10 percent of the total security expenditures (the rest is the network). That disconnect won't be long-lived, though: "This must re-adjust given that the threat space has moved from the network to the applications, and I believe that IBM’s move is a bellwether move for the industry in general."

And with around eight in 10 Websites sporting security holes and most attacks targeting the Web app layer, something's gotta give. Maybe it'll be the purse strings of HP or Microsoft, and then the enterprise.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events