Acquiring Xceedium will extend CA's security portfolio with a comprehensive solution for controlling and protecting IT administrator or other privileged user accounts from external attacks or insider mistakes and malicious misuse. CA did not disclose the financial terms of its agreement to acquire privately held Xceedium. However, the transaction is expected to close within the quarter.
Recent mega breaches such as those at Sony, Anthem and other large companies, and growing compliance and audit demands have increased the need to control and manage the credentials and activities of privileged users who have unfettered access to high-value systems that store and process sensitive information.
"Our digital world gives organizations tremendous opportunity; it also introduces additional regulatory demands and increased risk as bad actors penetrate our networks using stolen credentials which give them the proverbial 'keys to the kingdom,'" said Steve Firestone, senior vice president and general manager of security at CA, said in a statement. "The CA and Xceedium combination will reinforce our leadership position in privileged identity management and offer customers a flexible approach to managing privileged identity compliance and risk."
Xsuite is Xceedium's privileged identity management solution for hybrid IT environments. It offers an identity-centric, proxy-based approach that provides a centralized point of authentication for administrators, brokering the release of credentials for shared administrative accounts without exposing them to the risk of theft, compromise, or misuse, the company said.
Xsuite can be deployed as a physical or virtual appliance or as an Amazon Web Services machine image. It also helps address security and compliance needs, such as centralized shared account management for enhanced administrator accountability, administrative session recording for audit and incident forensics, and command filtering to limit the scope of administrator activity and network access.
CA officials said Xceedium's technology complements CA Privileged Identity Manager's resource- or host-based access control approach, which focuses on controlling access to the server operating system and limits the scope for administrators—especially superusers—to modify processes, configuration files or registries. CA's solution supplements centralized IT administrator access management with controls to minimize the risk of a privileged user unleashing malware—a common tactic used by attackers to launch breaches and avoid detection.
Together, the combined solutions will help protect privileged accounts from compromise, provide tightly-defined access controls, and enable monitoring of privileged user activity across an organization's entire IT infrastructure, further minimizing the risk of breaches, CA said.
"Protecting against attacks on privileged user credentials can be the difference between staying in business and going out of business," said Glenn Hazard, CEO of Xceedium, in a statement. "It also has become a critical element of our national defense as recent attacks on government systems reveal an escalation in attacks from cyber-crime to cyber-espionage. Stealing and exploiting privileged accounts is a central element of the kill chain in cyber attacks of all kinds, regardless of attacker origin."
CA has been somewhat acquisitive in recent months. In May, the company announced plans to acquire Rally Software, a provider of Agile development software and services, for approximately $480 million in a move that helps round out CA's application development portfolio. The acquisition of Rally was a strategic move to advance CA's continuing focus on Agile development and DevOps. Indeed, CA's Rally acquisition marked a significant milestone in CA's strategy to help customers thrive in the application economy, in which software applications are ubiquitous.
In June, CA announced it acquired Grid Tools Ltd., a provider of enterprise test data management, automated test design and optimization software solutions. With the addition of Grid Tools, along with Rally, CA beefed up its portfolio to provide a delivery chain of DevOps technologies from Agile planning to continuous delivery to agile operations.