Security Experts:

Connect with us

Hi, what are you looking for?



RSA Plans Agile, Intelligent IAM Through Acquisition of Aveksa

EMC on Monday said that it has acquired privately held Aveksa Inc., a provider of Identity and Access Management (IAM) solutions, for an undisclosed sum.

The acquisition places Aveksa into the RSA Security division of the storage giant, more specifically, RSA’s Identity Trust Management product group.

EMC on Monday said that it has acquired privately held Aveksa Inc., a provider of Identity and Access Management (IAM) solutions, for an undisclosed sum.

The acquisition places Aveksa into the RSA Security division of the storage giant, more specifically, RSA’s Identity Trust Management product group.

The addition of Aveksa’s technology will help extend RSA’s vision of “Adaptive IAM”, what the company says will transform traditional static systems into agile, intelligent and scalable “situational perimeters” to help organizations dynamically manage user lifecycles and access across enterprise and cloud environments.

EMC Acquires Aveksa, Inc.Founded in 2004, Aveksa offers solutions for Identity and Access Governance (“IAG”) and Provisioning, which EMC says will help RSA customers provide end users with appropriate and secure access to applications from within the enterprise or the cloud regardless of their location or device.

According to Andy Kellett, principal security analyst at research firm Ovums, the acquisition is a win for RSA and something that made sense for the veteran security firm as it continues to expand and enhance its product portfolio.

“This was an overdue acquisition, and one that RSA needed to complete in order to compete at the highest levels in an identity management market that is going to change dramatically over the next two years,” Kellett told SecurityWeek in an emailed statement.

As cloud-based and enterprise applications take center stage in the IT world, authentication, authorization and identity management has become more important than ever.

“The model for each user has shifted from a single authentication to an enterprise network, to dozens of authentications to applications and related data, from multiple user devices, across cloud and on-premise infrastructures,” RSA Explained.

“The disruptive influences of mobility and cloud will change device and infrastructure requirements. The requirement for risk-based authentication delivers the requirement for business intelligence and information led access controls,” Kellett said.

Aveksa aligns with RSA’s intelligence-driven security strategy, the company said, leveraging insight from roles, processes, and “security-oriented Big Data” to enable better evaluation, prioritization, detection and response to real-time threats. For example, Aveksa’s ability to provide rich identity context could be used to enhance situational awareness within the RSA Security Analytics solution.

“The timing is right as disruptive influences such as mobility and cloud take hold of the market. The partner is right because of its business focused approach to IAM and its identity as a service (IDaaS) capabilities,” Kellett said.

In October 2012, EMC announced its acquisition of Silver Tail Systems, a provider of web session intelligence and behavioral analytics for fraud and cybercrime detection. At the time, RSA said that it would integrate Silver Tail’s technology with RSA’s Identity Protection and Verification (IPV) solutions, as well as other products in RSA’s enterprise security portfolio.

“RSA’s acquisition of Silver Tail Systems brought in analytics that we feel will be broadly applicable across its security product lines, and Aveksa will likely be the same,” Wendy Nather, Research Director, Enterprise Security Practice at 451 Research told SecurityWeek. “Identity is key to security context as well as to data management.”

“The more sophisticated threat landscape and the need to improve fraud detection rates all add to the need for change. Doing nothing was not a viable option for RSA,” Kellett said. “But just as importantly, it was vital to choose a mature IAM partner that will enable RSA to compete with the new generation of cloud-focused identity management providers, rather than simply adding it to the list of mainstream IAM platform vendors.”

“Forget about what the competition will say about diluting of the RSA message, reducing its focus on specific areas of strength, and how the company is likely to take its eye off the ball as it struggles to integrate Aveksa technology into its overall offering,” he added. “This is a good deal for RSA.”

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Tenable has launched a $25 million venture fund to place bets on early-stage startups in the exposure management space.

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.