McAfee Acquires Sentrigo to Enhance Database-Security Portfolio

McAfee acquired Sentrigo, a database security vendor that specializes in vulnerability management and database protection. The acquisition will strengthen McAfee's security portfolio for databases.

For its first major move as an Intel company, McAfee has acquired database-security company Sentrigo to boost its database offerings.

McAfee announced the acquisition of privately held Sentrigo March 23. The financial terms of the deal were not disclosed.

The deal is expected to close as soon as early April, according to McAfee. The Sentrigo team will join McAfee's Risk & Compliance business unit, headed by Stuart McClure, senior vice president and general manager, McAfee said.

McAfee has its own line of database-security products, including McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring and McAfee Integrity Monitoring for Databases. Sentrigo offers Hedgehog, an agent-based software that protects enterprise databases with real-time monitoring, alerts, virtual patching, audit trails and automatic intrusion-prevention capabilities.

The combination of the two companies will allow customers to rapidly deploy database security in their environments in a cost-effective manner, according to Dave Dewalt, president of McAfee. With the acquisition, McAfee will be able to deliver "best-of-breed" vulnerability-management, protection, and activity-monitoring products for databases, he said.

"The integration of Sentrigo with McAfee will provide customers with the highest level of security across their database environments" said DeWalt.

McAfee also announced a "complete database--security platform," which includes now-secure databases, he said. The platform will have best-in-class technologies that can stop database attacks, including SQL injection attacks, provide visibility into all database transactions, and allow customers to detect potential threats before they are exploited.

McAfee will be able to expand its vulnerability management to include databases along with operating systems, networks and Web applications. Customers will also be able to minimize the risk of a data breach and loss of personal identifying information, as well as reduce the costs associated with breach notification, McAfee said.

"The regular stream of public-breach announcements is evidence that we must all do much more to protect mission-critical database environments," said Nathan Shuchami, CEO of Sentrigo.

A recent report from Ponemon Institute estimated the average cost per compromised record at $214, which included the expenses associated with notifying customers and victims and paying for credit-protection services.

McAfee is interested in the database-security market, which it estimates will expand to more than $600 million by 2012. Customers are beginning to realize how important database security is. The recently released 2010 Verizon Business Study revealed that more than 92 percent of recorded breaches involved a database.

The database-security market is "white hot," John Ottman, CEO of Application Security, told eWEEK. Customers are expanding their security infrastructure to ensure the databases are protected from threats, both from outsiders as well as from inside thefts. With increased focus on the market, other companies are looking to get a piece of the market through acquisitions, he said.

"These acquisitions further confirm the fact that perimeter security alone is not sufficient against today's escalating threats and that no security program is complete if it doesn't secure data within the database itself," Ottman said.

Sentrigo and McAfee have been OEM partners since 2010, as Sentrigo supported and offered McAfee's database-security software to customers.

Intel completed its $7.68 billion acquisition of McAfee on Feb. 28. Under the terms of the deal, McAfee is a wholly owned subsidiary, and will continue developing and selling security products and services under its own name.