Imperva, a provider of enterprise data security solutions, on Thursday announced its plans to acquire two security firms and assets from another, in a move that will help extend its data center security strategy across the cloud.
Redwood Shores, California-based Imperva said it has agreed to acquire Skyfence, a cloud security gateway startup, and has also agreed to purchase the remaining shares it does not already own in Incapsula, a cloud-based website performance and security service that Imperva invested in years ago and was already a majority owned subsidiary.
Imperva also said it has acquired assets from Tomium Software, a former OEM partner that enabled Imperva to provide z/OS mainframe monitoring solutions for DB2TM and IMSTM. By acquiring real-time mainframe security auditing agents from Austin, Texas-based Tomium, Imperva says it will be able to extend these capabilities to its full data security suite.
In addition to the acquisition news, Imperva released a new Web Application Firewall (WAF) for Amazon Web Services (AWS).
“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognized that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data center security and compliance.”
Skyfence protects internal corporate applications, such as employee and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications often allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications.
Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards. Through a single, central gateway, the solution provides organizations with the power to discover all of the cloud assets that are in use and to uniformly enforce security and compliance policies in addition to controlling user access to sensitive data, privileged user activity and API access to the service.
For externally facing production applications, the cloud is changing deployment in two ways, Imperva said. Some customers prefer a SaaS model for WAF delivery. Incapsula offers an application-aware global CDN platform that provides DDoS protection, load balancing, and failover solutions. Other customers prefer an Infrastructure as a Service (IaaS) model by which they can leverage the economies of scale of their cloud provider to realize significant cost savings. For these customers, SecureSphere for AWS allows them to move their applications with added security.
Imperva said it plans to bring Incapsula fully in house in order to allow for scale as the demand for Incapsula technology grows.
Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services is designed for customers that want to take their on-premise solution to the cloud or that prefer a “do it yourself” model for application security. With SecureSphere for AWS, customers can replicate their existing on-premise security controls as they migrate to the cloud.
SecureSphere for AWS has been in limited availability since late 2013 and will be generally available in March 2014, Imperva said.
“For some time now, we’ve seen our customers take advantage of cloud-based services to reduce costs and increase flexibility. However, moving applications and data off-premise causes new and very significant risk exposure for organizations,” said Mark Kraynak, Senior Vice President, Worldwide Marketing, Imperva. “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”
The acquisitions of Skyfence and Incapsula are expected to close in the first quarter of 2014.
*Updated to clarify that only assets were acquired from Tomium, not the entire company.