Feeds

Symantec hedges bets with large stake in hosted security

MessageLabs deal pilots security giant into cloud computing

3 Big data security analytics techniques

Instead Symantec talks about making increased use of the whitelisting of known "good" applications and behaviour-based malware detection instead of the wisdom of crowds. It hopes these changes, prominent in its 2009 line-up of security software, will help it deal with the twin challenges of performance issues and the increasing rate of malware production by the bad guys. Meanwhile competitors are moving towards a more distributed (cloud-based) architecture for detecting and responding to threats.

Raimund Genes, Trend Micro's anti-malware CTO, told El Reg: "While other vendors have been active in cloud computing, Symantec has been consumed by by Veritas. Maybe it has woken up and decide to do more in the cloud.

"I consider Symantec to be more of a distributor of security products than a developer. It's good at acquiring and integrating firms, with the possible exception of Veritas. MessageLabs has been successful in the UK and the USA, but in other countries it has less presence."

Speaking before the MessageLabs deal was announced, Thompson denied accusations that it failed to innovate. "We spend 15 per cent of our budget on research and development. Either our people are producing a whole lot of stuff or we are wasting money," he said.

Although MessageLabs has a strong customer base, including the UK government and financial services firms, Genes reckons security as a service is most attractive to small to medium-size firms of less than 250 people.

He also notes issues for MessageLabs in keeping its technology suppliers on-side. MesageLabs uses antivirus engines from several traditional vendors as a first line of defence on messages it later passes through its in-house Skeptic engine, the technology that detected and blocked the fast-spreading Love Bug worm hours before traditional anti-virus vendors released signature definitions.

The three anti-virus engines MessageLabs uses alongside Skeptic are not something the firm likes to talk about, though it was much more open in the past. The last we heard, it used anti-virus engines from Kaspersky and Sophos. One of the three could be replaced by Symantec but to loose all of them might create headaches. Symantec uses Brightmail technology for first-line email filtering.

Genes also criticised MessageLabs as being focused on email malware at a time when drive-by downloads from contaminated websites are on the rise. This is more than a little unfair, since MessageLabs has had a range of web and IM security services, as well as partnership with web scanning firm ScanSafe, stretching back for some years. More recently MessageLabs has been among the first firms to tie together intelligence from web, IM and email security threats.

Gone Shopping

Symantec, like many of the world's largest software firms, is a serial buyer. The firm has acquired 40 firms in the 10 years Thompson has been with the firm. But Symantec has sometimes paid a hefty price. It paid $695m for MessageLabs, a firm that brought in revenue of $120m in the year to July 2008.

Google paid $625m for Postini, MessageLabs' main competitor, in July 2007. BlackSpider (another prominent hosted security firm) was bought by SurfControl for around $42m in July 2006, prior to its own $400m purchase by WebSense in April 2007.

Messagelabs gets two thirds of its revenue in Europe and around a quarter from North America, sales Symantec hopes to replicate elsewhere. Through this approach - and delivering more of its technologies as hosted services - Symantec hopes to more than recover its sizeable investment. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.