Symantec buys Mountain Wave
What is a mountain wave?
Cupertino, California-based Symantec Corp has paid $20m cash for Mountain Wave Inc and its CyberWolf real-time security incident detection and analysis software, in a move that will add automated response features to its security management software stack.
The CyberWolf product started life as a Defense Advanced Research Projects Agency research project in 1996 to develop a package that picks up where intrusion detection software leaves off. It has since quietly established itself a niche in US federal and government agencies.
The software is designed to pinpoint key incident data by cross-correlating in real-time the huge volumes of data generated by any number of security point products installed across the enterprise. The inbuilt product knowledgebase is said to be particularly good at tracking and matching patterns of events and alerts that, by themselves, may appear to be innocuous, but when put together represent a pattern of an attack.
The Falls Church, Virginia-based company claims to have several successful implementations in the government market. Symantec will want to translate those successes into the broader enterprise market. The CyberWolf product is licensed at $30,000 a year with a $150,000 installation fee.