Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=199906065
The sad fact is, malware writers haven't just gotten more prolific over the past few years, they've gotten faster and more creative. That's spawned a need for a more proactive approach to IT security, and it's what makes PatchLink's announcement last week that it's acquiring SecureWave intriguing.
PatchLink is a privately held provider of patch and vulnerability management software, and SecureWave made its bones through its Sanctuary product, which takes a "whitelisting" approach that allows only approved network traffic inside a company's firewall. Together, the vendors could address more effective patching, plus situations in which no patch yet exists. They'd have more than 5,000 customers, including PatchLink customers HSBC, NASA, and Thomson Financial. The all-stock transaction will give Mangrove Capital Partners, SecureWave's primary shareholder, a seat on PatchLink's board. In February, PatchLink acquired Stat vulnerability scanning and assessment technology from Harris Corp.
In May, SecureWave announced Sanctuary 4.2, the latest version of its endpoint security software that includes unified policy enforcement for centrally managing and monitoring device and application use on a company's PCs, laptops, and servers. Sanctuary also helps define and enforce policies for acceptable use of removable storage media and applications, letting administrators defend against data leakage as well as malware.
SecureWave's whitelisting approach is one answer to defending against zero-day attacks, those that strike vulnerabilities for which no patch exists. Yet whitelisting creates more administrative overhead by forcing IT managers to inventory systems to ensure that legitimate software isn't blocked.
Sanctuary already is designed to work with automated patching systems like PatchLink, and it includes a utility tool that automatically updates whitelists with patches and upgrades once the user creates a baseline listing of applications on the network.