BeyondTrust eyes app security with eEye acquisition
The privilege management company plans to spend money beefing up eEye's application security technology
By Antone Gonsalves
May 11, 2012 — CSO — BeyondTrust has acquired partner eEye Digital Security, taking in-house the application security features BeyondTrust sold with its privilege management software.
BeyondTrust announced the purchase Wednesday without releasing financial details. The 100-employee eEye will be absorbed into BeyondTrust, including management. The combined company will have 250 employees and 2,000 customers.
BeyondTrust sells software that controls the applications and other assets an employee has access to on a corporate network. Being able to set and monitor employee privileges keeps workers from data they shouldn't have access to, while also establishing an order that, if disrupted suddenly, could indicate someone from the inside of an organization is seeking unauthorized access to information.
Once access rights are established, the next logical step is to make sure applications employees are using have been updated to the latest version and are not carrying any malware. That's where eEye comes in.
EEye provides a software console for vulnerability analysis and reporting. The company also sells antivirus software for intrusion prevention. The antivirus software includes real-time alerting.
One of the smallest companies in the endpoint protection platform market, eEye has a limited presence outside North America and in organizations of more than 500 employees, a recent report from Gartner said.
The product also lacks data encryption and data loss prevention capabilities and only supports Windows desktop and server platforms, which mean organizations with Macs and specialized servers, such as those for Microsoft Exchange and SharePoint, are out of luck.
BeyondTrust plans to spend some money beefing up eEye's technology. Chief Executive John Mutch said he planned to spend more than a quarter of revenue on research and development dedicated to the companies' joint product lines.
While vague on the combined company's future plans, Marc Maiffret, who went from chief technology officer of eEye to CTO of BeyondTrust, said Thursday he planned to take an "operationally-focused approach" in helping customers tighten security. This approach includes improving capabilities for automated patching of software, for privilege management, and for making and monitoring configuration changes to servers, desktops and laptops.
One application-security model BeyondTrust didn't plan to focus on was whitelisting. Such an approach would give customers' employees access only to applications vetted by BeyondTrust or a third-party. Other security vendors, including Bit9, McAfee and Lumension, are moving in that direction.
"What we primarily found is that the blacklist/whitelist model is generally not really as secure a model as the fine-grain delegation of privilege that we present," said Jim Zierick, executive vice president of product operations at BeyondTrust. "It's too coarse. It's either a yes or no answer."
Under the current BeyondTrust system, an employee has to get permission from IT staff in order to download an application. Gartner analyst Peter Firstbrook said such an approach can be too restrictive. "We found out a long time ago that locking people out, even though it keeps your environment relatively pristine, doesn't lower your costs. It increases them," Firstbrook said. "It's good for security, but it's not that practical."
BeyondTrust could take whitelisting a step further by letting customers choose which apps employees can download, depending on their jobs, Firstbrook said. BeyondTrust would tap eEye to make sure downloaded applications are kept up to date. Running older versions of applications leaves them vulnerable to attacks, because the software lacks the latest patches.
Read more about application security in CSOonline's Application Security section.