HP to Buy ArcSight for Security Event Management

Hewlett-Packard announced plans to buy ArcSight as part of its strategy to bring better visibility into enterprise IT infrastructures in the name of security.

Hewlett-Packard has agreed to acquire ArcSight for $1.5 billion, ending weeks of public speculation about the security vendor's future.

The deal is expected to close by the end of the year. In late August, it was reported that ArcSight, a leading vendor in the security information and event management (SIEM) space, was shopping itself around to a number of vendors. HP was on that list, and officials at both companies told eWEEK today the deal will bring better visibility and understanding of event data to enterprises.

"If you go way back ... security was really a management problem, and it was not a separate silo," said Bill Veghte, executive vice president for HP Software & Solutions. "Over time, IT management and security became two separate constructs and solutions sets, etc. Yet in today's marketplace with the changes that we see around accelerating complexity, accelerating threats and accelerating regulations, we see the opportunity to try and provide a simpler, more holistic approach on a couple different dimensions.

"Directionally, as we go forward, what we're about is providing better visibility, better context, better continuity and then finally building security into the design and development of [applications]," he continued. "So that visibility, context and continuity with security built in is the core of the value proposition that we feel is the opportunity that ArcSight and HP have together."

Traditional perimeter security products no longer can be fully trusted as an organization's best view into its security posture, explained Tom Reilly, president and CEO of ArcSight. Enterprises need deeper understanding of what's happening in their IT infrastructure-knowledge that can help organizations determine where threats are most likely to impact their business and remediate them faster, he said.

"Around visibility, we can now combine events from across the enterprises that are both IT ops-related and security- and risk-related," he said.

From the perspective of better context, ArcSight's technologies can now have a lot of integration points with HP's IT ops portfolio, such as gathering configuration data, he said.

"Then on the fast remediation we can have a closed loop cycle where we can hand events off to the HP portfolio for remediation, but also correction, so you're continually improving your [security] stance," Reilly said.

The acquisition will continue HP's buying spree in the security space and other markets. The company announced plans in August to acquire application security vendor Fortify Software for an undisclosed sum, and agreed recently to pay more than $2.3 billion for data storage maker 3PAR. The company also recently purchased Stratavia, which specializes in database and application automation.

"The deal is the second, and by far the largest, security acquisition-and the second largest in any market after 3PAR-made by HP in the weeks since the departure of former CEO Mark Hurd," noted Scott Crawford, managing research director at Enterprise Management Associates.

"Until recently, HP's security strategy could be considered restrained at best, in comparison to major competitors such as EMC and IBM," he said. "This could signal a turning point, not only for HP's overall expansion in the enterprise market, but also for its security strategy, perhaps now liberated by Hurd's departure. The deal at last poses a more serious challenge to those competitors such as EMC and IBM on the security front."