Original URL: http://www.theregister.co.uk/2012/05/11/beyondtrust_buys_eeye/

BeyondTrust gobbles Code Red vuln firm eEye

IIS hole-plugger snapped up

By John Leyden

Posted in Small Biz, 11th May 2012 15:29 GMT

Access control biz BeyondTrust has acquired vulnerability management vendor eEye Digital Security. The financial terms of the deal, announced on Thursday, were not disclosed.

BeyondTrust plans to integrate the two vendors' respective products to come up with a range of "context-driven security and compliance" products. These products are slated to help enterprises to prioritise vulnerability remediation work with the benefit of added context about user privilege and data sensitivity, a somewhat marketing heavy statement by Beyond explains.

eEye co-founder and CTO Marc Maiffret will become CTO of BeyondTrust post merger. Maiffret started off as a teen hacker before co-founding eEye back in 1998. He left the firm he founded for what turned out to be a three-year sabbatical in 2007 prior to returning to the fold as "Chief Hacking Officer" back in 2010.

Maiffret's chief claim to fame is the discovery of the .ida hole in ISS, which was later exploited by Code Red the first major Microsoft worm, back in 2001 – and his firm's subsequent release of SecureIIS, which fixed the problem. ®