McAfee announced plans to acquire event- and log-management company Nitro Security to bring risk-management and event-analysis capabilities in-house.
McAfee announced its plans
to acquire privately owned Nitro Security to create a new security-information
and event-management division focusing on security analytics and log
McAfee expects to combine
the Nitro Security technology with its own security-management portfolio to
provide organizations greater visibility into their endpoints, network
infrastructure and threats targeting the environment, McAfee said Oct. 4. The
agreement is subject to regulatory approvals and the acquisition is expected to
close toward the end of the fourth quarter, Nitro Security said. McAfee and
Nitro Security didn't disclose the deal's financial terms.
Nitro Security's NitroView
software allows customers to take underlying IT and security events and
understand the organization's risk posture, Dave Anderson, senior director of
solutions marketing at McAfee, told eWEEK.
Most organizations are using Security Information and Event Management (SIEM)
as a reactive measure to find out what happened and to run reports to meet
compliance requirements, Anderson said. Combining NitroView with McAfee's risk
and compliance capabilities will provide customers with situational awareness
and a dramatic shift in how data is understood.
Customers are trying to
manage too much data, and the combined product portfolio will give them the
tools to "calculate associated risk and security posture" by
providing a "specific level of context," Anderson said.
McAfee is "one of the
world's largest cyber-security organizations" and the vanguard of
technology, Jerry Skurla, executive vice president of marketing, told eWEEK.
The acquisition would help Nitro
Security expand from a United States-based market to reach global customers and
support a bigger base of third-party products and platforms.
McAfee does not currently
have a SIEM product in its portfolio, so there is no overlap in products as a
result of the acquisition. However, Nitro Security's products are not new to
McAfee, according to Anderson. McAfee has been using Nitro Security's technology
internally as its in-house SIEM platform for the past few months, Anderson told
Additionally, Nitro Security
has been working with McAfee for the past three years under the Security
Innovation Alliance. Under the alliance, the companies shared technology for
interoperability. Nitro Security took interoperability one step further to
provide true bi-directional integration where data from NitroView software can
be sent to McAfee's ePolicy Orchestrator platform and the information from
ePolicy feeds back to NitroView, according to Skurla.
Both Skurla and Anderson
said there were discussions about how Nitro Security's technology would be
integrated in the hardware
McAfee is working on with its parent
. While they said there were "great opportunities,"
they declined to provide any specifics.
The entire Nitro Security
team, the engineers and the sales structure, will be coming over intact to
McAfee to form a new SIEM division, according to Skurla. He declined to discuss
specific roles or new titles for Nitro executives and individual personnel. The
new division will be part of McAfee's risk and compliance product portfolio,
Anderson said, but he declined to discuss the reporting structure.
"We understand very
clearly the capabilities of McAfee's product portfolio," Skurla said,
noting that this familiarity will help smooth out the integration road map and
the fact that the team was staying together meant a more "rapid
uptake" within McAfee than if the team had to rebuild iteself.
On the same day McAfee
announced its plans to buy Nitro, IBM said it would acquire another security
data analytics company, Q1 Labs. The announcement "supports the
trend" that there is consolidation going on in the industry, according to
Anderson. However, McAfee had looked at "many companies" and "we
are confident that we picked the right team and technology," Anderson
The threat landscape has
gotten scarier in the past year than it has ever been, Skurla said, noting that
the fact that "premier" organizations are bringing SIEM in-house is a
sign that the technology fits a user need and customers are demanding ways to
make sense of the security information they are collecting. SIEM will be a
"fundamental" technology for effective cyber-security for the next
five to 10 years, according to Skurla.