Itself a customer, EMC buys NetWitness for network analysis

Share this article:

EMC has acquired NetWitness, a fast-growing network monitoring and analysis firm that caters to a slew of Fortune 100 and government customers.

Terms of the deal, announced Monday, were not released, though analyst firm The 451 Group estimated the price tag to be around $500 million.

Producing solutions that have been called the "TiVo for the network," NetWitness launched in November 2006 under the leadership of Amit Yoran, former director of the National Cyber Security Division at the Department of Homeland Security.

The company reported earlier this year that its customer base grew by 60 percent in 2010, largely because its technology helps detect some of the most advanced network threats, which typically are designed to sniff out coveted intellectual property. These types of attacks gained significant notoriety last year.

"The intensity and sophistication of advanced adversaries and zero-day malware challenge every organization to rethink traditional approaches to network security,” said Tom Heiser, president of RSA, the security arm of EMC. “NetWitness has redefined the security landscape, providing a powerful solution for organizations seeking to gain immediate insight, precise clarity, and timely closure in the face of the toughest cyberthreats."

The NetWitness offerings will integrate with RSA's security management portfolio, which includes its enVision security information and event management (SIEM) platform, its Data Loss Prevention Suite and its Cybercrime Intelligence service, according to EMC.

"It's a direct synergy," Joshua Corman, research director at The 451 Group, told SCMagazineUS.com on Monday.

He said the acquisition could boost innovation within the IT security space, considering NetWitness products enabled customers to go above and beyond traditional check-box compliance.

"NetWitness is one of those very capable technologies that has helped the elite fight off elite attackers," Corman said. "It has a more complete record of what happens on the network than more specific anti-threat technologies have. As a post-mortem device, you know where something happens and it can help you see someone moving through your network laterally."

RSA also is a NetWitness customer. Ironically, on Friday, the company revealed that the technology helped it detect a recent breach of information surroundings its SecurID products.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Florida Supreme Court rules warrants a must for real-time cell location tracking

Florida Supreme Court rules warrants a must for ...

The Florida Supreme Court put the kibosh on warrantless real-time tracking using location data obtained from cell phone providers.

Modular malware for OS X includes backdoor, keylogger components

Modular malware for OS X includes backdoor, keylogger ...

The modular malware was named "Ventir," by researchers at Kaspersky.

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.