Trustwave buys application firewall vendor Breach Security
- — 23 June, 2010 07:28
Trustwave continues to expand its security portfolio with the acquisition of Web application firewall vendor Breach Security.
The deal gives Trustwave not only Breach's commercial Web Defend firewall, but also its open source Web application firewall software ModSecurity.
Trustwave did not announce the price it paid for Breach.
The company says it plans to add WAF security to its array of application security services through its Spider Labs consulting, which also performs penetration testing, secure code review, security-focused software development training and incident response.
Breach's gear can be used to provide interim Web application security after vulnerabilities have been found in corporate Web apps and before they can be remediated via securing the code itself, Trustwave says. Web Defend will be offered as a separate product but also as the gear used in a managed WAF service, the company says.
Truswave is no stranger to acquisitions, having bought network-access control vendor Mirage Networks and data-loss prevention vendor Vericept in 2009 and encryption experts BitArmor earlier this year.
This disparate collection of expertise is due to a strategy that seeks out the most pressing security issues businesses face - based on Trustwave's interactions with customers -- and tries to fix them.
Comments
John B. Dickson, CISSP
1
How does this affect the independence of Trustwave in their QSA role if they are now selling a WAF? It strikes me as difficult for them to be unbiased when they wear the auditors hat if they are now selling key remediation technologies. I'd be interested in what others think...