McAfee to Acquire Database Security Firm Sentrigo

McAfee announced this morning that it would acquire Sentrigo, a privately held provider of database security solutions.

Sentrigo offerings include database security technologies including vulnerability management, database activity monitoring, database audit, and virtual patching.

The acquisition would bring together technologies allowing McAfee customers to:

• Stop database attacks, including the number-one web-born attack against databases: SQL Injection; ensure compliance audit and reporting, minimize the risk of a data breach of Personally Identifiable Information or other sensitive information, and reduce the costs associated with breach notification.

• Diagnose and assess the database environment so that customers detect threats before they are exploited and receive the optimum security solution for their unique database infrastructure.

• Build on the McAfee Risk and Compliance solutions and expand current vulnerability management solutions to include operating systems, networks, web applications and databases.

• Provide complete visibility into all transactions leveraging McAfee and Sentrigo’s Database Audit and Database Activity Monitoring (DAM) solutions.

• Leverage Sentrigo’s Virtual Patching, a capability that provides a strong level of protection for database systems that cannot be patched in a timely manner.

“McAfee is continuing to broaden its security portfolio to now-secure databases, as well as endpoints, networks, email and web,” said Dave DeWalt, president of McAfee.

In addition to the acquisition announcement, McAfee today announced a complete database security platform which includes products across the McAfee portfolio. McAfee’s database security approach, based on the Security Connected initiative launched in October 2010, involves protecting a company’s most important data assets from network to server to the database itself. With this approach, data is protected in every state (data in motion, data at rest, and data in use) via access controls, network security, server security, data protection and encryption – all centrally managed to minimize risk and maximize efficiency.

“Users are increasingly anxious about the security of their data, and are looking for database security solutions that provide uniform coordination with policy management,” said Carl Olofson, research vice president of database management and data integration software research at IDC. “Having the ability to protect data at rest, in motion and in use through access control, encryption and auditing is a key area of importance. The ability to track vulnerability issues is a key differentiator which businesses are looking for when choosing database security solutions.”

“Every organization stores their most sensitive information in databases, either directly or through their key business applications,” stated Nathan Shuchami, CEO of Sentrigo. “The regular stream of public breach announcements is evidence that we must all do much more to protect mission-critical database environments, and Sentrigo has been working for more than four years to develop a suite of products to best secure these assets.”

The terms of the proposed transaction were not disclosed. Following the closing of the proposed acquisition, the Sentrigo team will report to the McAfee Risk & Compliance business unit, headed by Stuart McClure, senior vice president and general manager.

More on the announcement can be found here: http://www.mcafee.com/us/about/mcafee-sentrigo.aspx