Citadel grabbed by McAfee for US$56m
Security vendor McAfee is buying Citadel Security Software in a US$56million deal, a move which will significantly boost its policy compliance offerings.
The acquisition, which is expected to be completed in the fourth quarter of the 2006 financial year, will add Citadel’s security policy compliance and vulnerability remediation products to McAfee’s existing enterprise security portfolio.
Citadel’s products are based around automated vulnerability remediation (AVR) technology, which provides automated solutions protecting companies from security vulnerabilities and allowing them to meet security compliance regulations.
The company’s solutions include Remediation Management, Compliance Management, Endpoint Security and Patch Management products.
“Security risk management is emerging as one of our highest-growth opportunities. This acquisition will help us develop the next-generation of real-world security risk management solutions that customers are demanding,” said Kevin Weiss, president of McAfee.
“With the addition of Citadel, we can offer our customers the major components of vulnerability assessment, policy compliance enforcement and remediation, building on our suite of existing products, including ePolicy Orchestrator, Preventsys, Policy Enforcer and Foundstone.”
McAfee believes that highly regulated enterprises, including banking government and health-care customers, will especially benefit from theacquisition as McAfee will offer Citadel’s automated solutions designed to help enterprises comply with regulatory requirements and internal policies, speed their compliance process and minimise threat exposure.
By adding Citadel’s products to its offerings, McAfee will be able to offer a unified security risk management architecture that allows companies to bridge the gap between IT security and daily IT operations, according to IDC analyst Rose Ryan.
“We see companies struggle to bridge the gap between IT security and operations — such as tying compliance audits to remediation,” said Ryan.
“Companies should seek to improve their exposure to risks from vulnerabilities, threats and intrusions while reducing total cost of ownership by leveraging a unified security risk management architecture,” she added.