Q&A: Watchfire CTO sees Sanctum acquisition as a good fit
CTO Michael Weider says company can now provide broader range of tools to secure Web applications
Computerworld - Watchfire Corp., a Waltham, Mass.-based vendor of online privacy and compliance management technologies, last week acquired Web application security vendor Sanctum Inc. for an undisclosed sum (see story). The purchase of San Jose-based Sanctum will allow Watchfire to sell a broad range of tools to help companies monitor, measure, manage and secure Web applications more efficiently than is possible now, says Michael Weider, founder, chairman and CTO of Watchfire.
What drove your purchase of Sanctum? Application security is becoming an important part of a company's Web site compliance initiatives. Companies that have thousands of applications on an enterprisewide basis have no easy way of knowing if they are meeting standards for application security. Present tools don't give them the visibility to do this. Our customers have been asking us for a tool that will give them an overall view of their Web application security.
How will your purchase of Sanctum help address this? What we have seen is that enterprises need three levels of protection [at the application layer]. You want to give developers tools to test applications for security. You want to arm [quality assurance] to evaluate applications before they are published on the Web site. And the last is an enterprisewide scanning [capability] to see how well you are doing. That third line of defense is where our strength is. What we will do is to combine that with Sanctum's application security tools to create a total life-cycle management capability for Web applications.
What value will you add to what Sanctum is already selling in this market? What most organizations have been doing is arming developers with tools [such as Sanctum's] to test Web applications for security before publishing them. The limitation is that the CIO or the CISO or whoever is in charge of compliance has no visibility with how the whole enterprise is doing. Watchfire will provide that enterprise view. It will allow [companies] to know how they are doing and present that information on a dashboard. Combining Sanctum's application security scanning with our enterprisewide Web scanner will allow us to bring a new solution to market.
Watchfire CTO and chairman Michael Weider
What is the overall size of the application security market? It is somewhere around a $500 million market today. If you look at someof the new security issues and where most of the vulnerabilities are happening today, it is all at the application layer. Enterprises have invested many years in building up their perimeter defenses, and their knowledge and expertise in those areas are good. But application security is a nascent area. None of the traditional defenses protect you against threats at the application layer.
Read more about App Development in Computerworld's App Development Topic Center.
- IDC Report: Optimize IT and Business Gains This IDC Whitepaper outlines how CIOs can understand what the "total cost of data" is across their entire organization and how Delphix can...
- Planning for Mobile Success Many organizations are seeing clear and quantifiable benefits from the deployment of mobile technologies that provide access to data and applications any time,...
- The Business Value of Continuous Delivery Download this whitepaper to learn more about the business value of Continuous Delivery and see why it could be a game changer for...
- Coding with JRebel: Java Forever Changed With JRebel, developers get to see their code changes immediately, fine-tune their code with incremental changes, debug, explore and deploy their code with...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All App Development White Papers | Webcasts