Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Imperva Makes Three Acquisitions, Unveils New Cloud Strategy

Imperva, a provider of enterprise data security solutions, on Thursday announced its plans to acquire two security firms and assets from another, in a move that will help extend its data center security strategy across the cloud.

Imperva, a provider of enterprise data security solutions, on Thursday announced its plans to acquire two security firms and assets from another, in a move that will help extend its data center security strategy across the cloud.

Redwood Shores, California-based Imperva said it has agreed to acquire Skyfence, a cloud security gateway startup, and has also agreed to purchase the remaining shares it does not already own in Incapsula, a cloud-based website performance and security service that Imperva invested in years ago and was already a majority owned subsidiary.

Imperva AcqusitionsImperva also said it has acquired assets from Tomium Software, a former OEM partner that enabled Imperva to provide z/OS mainframe monitoring solutions for DB2TM and IMSTM. By acquiring real-time mainframe security auditing agents from Austin, Texas-based Tomium, Imperva says it will be able to extend these capabilities to its full data security suite. 

In addition to the acquisition news, Imperva released a new Web Application Firewall (WAF) for Amazon Web Services (AWS).

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognized that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data center security and compliance.”

Skyfence protects internal corporate applications, such as employee and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications often allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards. Through a single, central gateway, the solution provides organizations with the power to discover all of the cloud assets that are in use and to uniformly enforce security and compliance policies in addition to controlling user access to sensitive data, privileged user activity and API access to the service.

For externally facing production applications, the cloud is changing deployment in two ways, Imperva said. Some customers prefer a SaaS model for WAF delivery. Incapsula offers an application-aware global CDN platform that provides DDoS protection, load balancing, and failover solutions. Other customers prefer an Infrastructure as a Service (IaaS) model by which they can leverage the economies of scale of their cloud provider to realize significant cost savings. For these customers, SecureSphere for AWS allows them to move their applications with added security.

Imperva said it plans to bring Incapsula fully in house in order to allow for scale as the demand for Incapsula technology grows.

Advertisement. Scroll to continue reading.

Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services is designed for customers that want to take their on-premise solution to the cloud or that prefer a “do it yourself” model for application security. With SecureSphere for AWS, customers can replicate their existing on-premise security controls as they migrate to the cloud.

SecureSphere for AWS has been in limited availability since late 2013 and will be generally available in March 2014, Imperva said.

“For some time now, we’ve seen our customers take advantage of cloud-based services to reduce costs and increase flexibility. However, moving applications and data off-premise causes new and very significant risk exposure for organizations,” said Mark Kraynak, Senior Vice President, Worldwide Marketing, Imperva. “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

The acquisitions of Skyfence and Incapsula are expected to close in the first quarter of 2014.

*Updated to clarify that only assets were acquired from Tomium, not the entire company.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.