Sourcefire Catches ClamAV

ClamAV is among the most broadly adopted open-source security projects worldwide.

Sourcefire has acquired ClamAV, an open-source gateway anti-virus and anti-malware project, in the companys first purchase since it went public in March.

Officials at Columbia, Md.-based Sourcefire state ClamAV will extend the companys Enterprise Threat Management network security portfolio. With nearly 1 million unique IP addresses downloading ClamAV malware updates daily, the anti-virus engine has arguably become one of the most broadly adopted open-source security projects worldwide.

No financial information about the deal was disclosed. Under the agreement, Sourcefire gets the ClamAV project and related trademarks, as well as the copyrights held by the five principal members of the ClamAV team including project founder Tomasz Kojm. Sourcefire will also assume control of the domain, Web site and Web site content and the ClamAV Sourceforge project page. The ClamAV team will remain dedicated to the project as Sourcefire employees, and continue their management of the project on a day-to-day basis, Sourcefire officials said.

Sourcefire officials said they plan to offer training and support services for ClamAV users beginning in the fourth quarter of 2007, and anticipate offering products based on ClamAv as part of the companys Enterprise Threat Management portfolio in the latter half of 2008.


Click here to read more about open sources next step.

At LinuxWorld this year, ClamAV was rated among the top three anti-virus technologies in a controversial, live test organized by Untangle that pitted ClamAV against proprietary products. Though the move may worry some companies that have integrated ClamAV into their products, Gartner analyst John Pescatore noted Sourcefire has done a good job of keeping true to the open-source roots of Snort, the companys intrusion prevention and detection technology, while simultaneously working to add proprietary value around it.

"I think there is a similar opportunity here around Clam and the AV world," he said. "I dont think youll see Sourcefire go after any sort of desktop AV but if they give the Clam community the same support they give the Snort community, I think Sourcefire can show added value around network-based malware removal that builds on top of/around Clam technology."

Martin Roesch, founder and CTO of Sourcefire, said the acquisition gives the company the ability to bring together two of the security industrys most widely adopted open source projects—Snort and ClamAV.

"This will not only broaden our reach but will also allow us to extend our product family into a number of intriguing new markets," Roesch said in a statement.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.