Symantec to Acquire SecurityFocus
Offers Most Complete Security Early Warning System Available
CUPERTINO, Calif. - July 17, 2002 - Symantec Corp. (Nasdaq: SYMC) today
announced the acquisition of SecurityFocus for approximately US$75 million in
cash. With this acquisition, Symantec will offer customers the most
comprehensive, proactive early warning system across the broadest range of
threats. The transaction is expected to close by early to mid-August 2002.
"SecurityFocus has established the most respected security community and
developed one of the leading early warning systems for customers around the
world," said John W. Thompson, Symantec chairman and chief executive officer.
"This acquisition will broaden Symantec's leadership in Internet security
response with the addition of the world's first global threat management
system, the most complete vulnerability database and customizable alert
"We have developed our global threat management systems to provide customers
with timely and actionable information relevant to their individual networks,"
said Arthur Wong, SecurityFocus co-founder and chief executive officer.
"Combined with Symantec's world-class antivirus expertise, industry-leading
intrusion detection solutions and back-end infrastructure, we can rapidly
deploy the most comprehensive threat management solutions to our global
SecurityFocus has developed the world's most comprehensive and up-to-date
database of vulnerabilities available. Symantec will continue to license the
Vulnerability Database to security product vendors, managed service providers
and other organizations that use it to create powerful new security products
and services for their customers.
In addition, Symantec will continue to manage the Bugtraq mailing list and the
online security community under the SecurityFocus brand. It will continue to
offer a forum for objective reporting by security experts on the latest IT
threats and attacks as well as how to prevent security breaches.
Symantec will also leverage the DeepSight line of global threat management
solutions. The DeepSight Threat Management System provides early warning of
attacks along with specific threat and patch information allowing companies to
proactively protect their networks. More than 15,000 partners in more than 175
countries are registered to automatically provide a constant stream of security
data that is correlated and analyzed to identify active attacks.
DeepSight Analyzer gives IT professionals the ability to track and manage
incidents on their own networks by automatically correlating attacks from a
multitude of intrusion detection solutions. The product manages threats by
comparing incidents on their network against the Vulnerability Database,
tracking attacks to resolution and generating statistical incident reports.
Using information about suspicious network traffic and intrusions submitted by
anonymous users, SecurityFocus identifies patterns in attacks that help serve
as a threat-gauging system for the Internet community.
By monitoring almost 11,000 distinct versions of more than 2,700 products from
1,300 vendors, SecurityFocus provides proactive, customized alert services for
environment-specific vulnerabilities and malicious code alerts. DeepSight Alert
Services can be configured to ensure that customers receive only alerts that
are relevant to their networks, enabling them to deploy patches or work-arounds
before vulnerabilities can be exploited.