SECURITYFOCUS Übernahme durch SYMANTEC

#1 SYMANTEC TO ACQUIRE SECURITYFOCUS

Offers Most Complete Security Early Warning System Available

CUPERTINO, Calif. - July 17, 2002 - Symantec Corp. (Nasdaq: SYMC) today announced the acquisition of SecurityFocus for approximately US$75 million in cash. With this acquisition, Symantec will offer customers the most comprehensive, proactive early warning system across the broadest range of threats. The transaction is expected to close by early to mid- August 2002.

"SecurityFocus has established the most respected security community and developed one of the leading early warning systems for customers around the world," said John W. Thompson, Symantec chairman and chief executive officer. "This acquisition will broaden Symantec's leadership in Internet security response with the addition of the world's first global threat management system, the most complete vulnerability database and customizable alert services."

"We have developed our global threat management systems to provide customers with timely and actionable information relevant to their individual networks," said Arthur Wong, SecurityFocus co-founder and chief executive officer. "Combined with Symantec's world-class antivirus expertise, industry-leading intrusion detection solutions and back-end infrastructure, we can rapidly deploy the most comprehensive threat management solutions to our global customers worldwide."

SecurityFocus has developed the world's most comprehensive and up-to-date database of vulnerabilities available. Symantec will continue to license the Vulnerability Database to security product vendors, managed service providers and other organizations that use it to create powerful new security products and services for their customers.

In addition, Symantec will continue to manage the Bugtraq mailing list and the online security community under the SecurityFocus brand. It will continue to offer a forum for objective reporting by security experts on the latest IT threats and attacks as well as how to prevent security breaches.

Symantec will also leverage the DeepSight line of global threat management solutions. The DeepSight Threat Management System provides early warning of attacks along with specific threat and patch information allowing companies to proactively protect their networks. More than 15,000 partners in more than 175 countries are registered to automatically provide a constant stream of security data that is correlated and analyzed to identify active attacks.

DeepSight Analyzer gives IT professionals the ability to track and manage incidents on their own networks by automatically correlating attacks from a multitude of intrusion detection solutions. The product manages threats by comparing incidents on their network against the Vulnerability Database, tracking attacks to resolution and generating statistical incident reports. Using information about suspicious network traffic and intrusions submitted by anonymous users, SecurityFocus identifies patterns in attacks that help serve as a threat- gauging system for the Internet community.

By monitoring almost 11,000 distinct versions of more than 2,700 products from 1,300 vendors, SecurityFocus provides proactive, customized alert services for environment-specific vulnerabilities and malicious code alerts. DeepSight Alert Services can be configured to ensure that customers receive only alerts that are relevant to their networks, enabling them to deploy patches or work-arounds before vulnerabilities can be exploited.


http://www.securityfocus.com/

Eine ausgezeichnete Informationsquelle die in Zukunft wahrscheinlich mit Vorsicht zu genießen sein
wird.Schade.

Gruß
Ajax

#2 Waaah, Schock!

das war die Infoquelle Nr. 1 zum Thema Bugs und Co.

Symantec macht wirklich alles kaputt, damit meine ich der Securityfocus war perfekt, da kann man nichts mehr verbessern!

Nach Atquard nun auch der Securityfocus <

echt deprimiert!

#3 Das scheint irgend so ne Krankheit zu sein, dass die Grossen alle in ihrer Branche aufkaufen und kontrollieren müssen.

Schade, SecurityFocus war bisher immer ne 1A Informationsquelle!
__________
__ ________________________
Moderator sWiZz-eLiTe bo@rd
http://board.swizz-elite.ch

#4 Jep, jetzt kann man die Site wohl aus den Favs nehmen. ;(
Aber mal schauen, vielleicht übertreffen sie sich ja mal und belassen es so wies ist.

#5 Ich denk mal, daß sich inhaltlich wohl nicht viel ändern wird. Es wird wohl nur noch Werbung von Symantec gebe - wen störts? Man sollte nun natürlich etwas skeptisch werden, wenn Schutzprogramme von Symantec empfohlen werden, aber gesunde Skepsis ist in diesem Bereich sowieso angebracht!

Robert
__________
powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ...

#6

Zitat

Man sollte nun natürlich etwas skeptisch werden

eben, ich befürchte, dass jetzt die notwendige unabhängigkeit fehlt (wenns sowas geben sollte).
na ja mal sehen was draus wird.

#7 Da es vielen Admins (wie auch mir) zu dumm & unsicher ist 1 Monat zu warten, bis Symantek die Full-Disclosures weiterleitet wurden im Web neue Listen gegründet, welche uA auch schon auf Bugtraq veröffentlicht wurden.
Eine der imho vielversprechendsten ist

http://www.vulnwatch.org

Hier soll es das geben, was Bugtraq einmal vor dem Verkauf war, eine offene nicht-kommerzielle Mailingliste für Bugs und alles was sonst noch die Sicherheit gefährdet.

Mal im Ernst, wenn die User die Bugs 1 Monat nicht testen können, weil die Full Disclosures solange seitens Symantek delayed werden, wird es auch weniger Userdruck auf M$ geben, was imho dazu führt das die Patches NOCH später herrauskommen.. und nicht zu vergessen: Wieviele ungepatchte IE Lücken gibt es zZt? ca 21? ...