IBM will acquire Q1 Labs to expand its business intelligence portfolio by including security events to its menu of deep analytics capabilities.
announced it will acquire Q1 Labs, a data analytics software company, to expand
its security and events management capabilities.
advanced analytics from Q1 Labs, IBM can provide customers with correlation
capabilities to automatically detect and flag suspicious or abnormal events,
IBM said Oct. 4. The deal is subject to regulatory approval and is expected to
close in the fourth quarter. Financial terms were not disclosed.
the close, Q1 Labs will join IBM as a newly minted security division, Robert
LeBlanc, senior vice president of IBM Middleware Software, said during a
conference call with journalists. The new division, IBM Security Systems, will
be led by Brendan Hannigan, the current CEO of Q1 Labs, who will report to
Security Systems will be formed by Q1 Labs and security software, appliances,
lab offerings and services IBM has picked up from more than 10 strategic
security acquisitions and 25 analytics-related buys over the past 10 years,
including Tivoli, Rational and i2, LeBlanc said.
Labs' security analytics will add greater intelligence to IBM's security
portfolio and continue to distinguish IBM from competitors," Hannigan
feel cyber-attacks are increasingly harder to detect, and their ability to
identify threats, detect insider fraud, predict risk and comply with regulatory
mandates would be easier with an end-to-end security platform, LeBlanc said,
adding that security is at the "top of the list" of things they are
worrying about. Customers will benefit from tightly integrated products and a
unified road map.
a lot of data, but not brought together in a way to give clients a way to
understand the threats," LeBlanc said.
Labs recognized that application flow data can be used to identify
security-relevant events from a wide variety of very different technologies,
Scott Crawford, director in the security and risk management practice at EMA
Managing Research, wrote in a blog. The approach allows organizations to focus
on "security intelligence," or collecting and managing information
relevant to security from multiple sources and correlating them to identify
threats from legitimate activity, Crawford said.
plans to apply Q1 Labs' analytics capabilities to drive greater security intelligence
capabilities across all its security products and services, including identity
and access management, database security, application security, enterprise risk
management, intrusion prevention, endpoint management and network security,
LeBlanc said. IBM has a broad analytics portfolio and by combining it with
security, IBM will be able to provide customers with security intelligence that
can be used to detect and prevent threats, he said.
Q1 Labs deal fits IBM's growth initiatives, according to LeBlanc. "We want
to grow in business analytics," LeBlanc said, noting that the acquisition
lets IBM extend growth into the security domain.
Managed Security Services already monitors over 12 billion security events a
day in more than 130 countries, according to LeBlanc.
security information and event management (SIEM) market has seen some
consolidation in recent months, as IBM announced its plans on the same day
McAfee disclosed it is acquiring Nitro Security for an undisclosed amount.
Hewlett-Packard also acquired ArcSight earlier this year.
is an exciting space to be in, and it will continue to change rapidly,"
Guy Churchward, CEO of LogLogic, told eWEEK
Churchward predicted "the same level" of customer disruption for both
Q1 and Nitro customers as seen with ArcSight earlier this year.
IBM and McAfee deals weren't much of a surprise as there have been rumors that
Nitro Security and Q1 Labs were for sale, according to Crawford. McAfee has had
a SIEM gap in what was otherwise a "fairly comprehensive strategy" in
its ePolicy Orchestrator centralized enterprise security management platform,
and IBM had slowed down on the SIEM front after a series of related
acquisitions several years ago, according to Crawford.
and McAfee's announcements "are evidence that top tier technology
companies are asking themselves the same question about what they need to
address the evolving needs of the market," Andy Grolnick, president and
CEO of LogRhythm, told eWEEK