Symantec continues to grow its portfolio of cyber-security products and services, most recently via the acquisitions of Javelin Networks and Appthority.
Privately held Javelin Networks develops technology to help protect enterprises from attacks that target the widely deployed Microsoft Active Directory system. Privately held Appthority is in the business of mobile application security analysis.
“Javelin Networks’ technology is planned to be rebranded and provided as a stand-alone product,” Sri Sundaralingam, head of product marketing for enterprise security products at Symantec, told eWEEK. “Appthority will be integrated within Symantec Endpoint Protection Mobile [SEP Mobile].”
Symantec is not publicly disclosing the financial details of the two acquisitions. Javelin Networks was founded in 2014 and had raised approximately $5 million in venture funding. Appthority was founded in 2011 and had raised approximately $25 million in funding prior to being acquired.
Javelin Networks has multiple products, including AD Protect and AD Assess for Active Directory protection. Active Directory is often targeted by attackers looking to elevate privileges, steal credentials and move laterally within organizations.
“Javelin Networks’ technology can detect Microsoft Active Directory [AD] misconfigurations and backdoors and help prevent AD reconnaissance and credentials misuse by authorized devices and applications,” Sundaralingam said.
The Javelin Networks AD Protect offering provides intrusion detection, investigation and prevention capabilities for organizations to help secure Active Directory. In contrast, AD Assess is an Active Directory Breach and Attack Simulation (BAS) service that is used by enterprises to identify potential backdoors and misconfigurations within Active Directory. Additionally, Javelin Networks has a deception tool called the Honeypot Buster, which is used to lure and deceive Active Directory attackers with fake accounts.
“By design, Active Directory (AD) is open to any domain connected user, meaning all identities and resources on a corporate network are visibly exposed, making AD the number one target for attackers,” Roi Abutbul, vice president of engineering at Symantec, wrote in a blog. “It takes only one compromised endpoint connected to a corporate domain for an attacker to launch the latest APT campaign.”
The Appthority technology provides a unified enterprise mobile threat protection system. The platform includes a web-based threat protection console, a mobile app, an Enterprise Mobility Manager (EMM) connector as well as a security information and event management (SIEM) connector.
“This technology gives Symantec customers the critical ability to analyze mobile apps for both malicious capabilities and unsafe and unwanted behaviors, such as vulnerabilities, risk of sensitive data loss, and privacy-invasive actions,” Sundaralingam said.
The Appthority technology will be integrated with the SEP Mobile platform. SEP Mobile debuted in October 2017 and is built on technology that Symantec gained via the acquisition of Skycure in July 2017.
“Mobile users increase the enterprise attack surface with each app they install,” Domingo J. Guerra, co-founder of Appthority, wrote in a statement. “This acquisition unites Appthority with Symantec’s comprehensive endpoint security portfolio, which is the first solution on the market that can protect all traditional and modern endpoints and now apps.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.