Questions and Answers
1. What are you announcing today?
A. IBM today announced the completion of the acquisition of Watchfire, a privately held company headquartered in Waltham, Massachusetts. IBM announced it's intent to acquire Watchfire on June 6, 2007.
2. What is Watchfire?
A. Watchfire is a Web application security vulnerability and compliance testing software company, headquartered in Waltham, Massachusetts with over 800 enterprise customers across all industries worldwide.
3. What technology does Watchfire provide?
A. Watchfire provides software and services to help customers ensure the security and compliance of their web applications. The online risk management and Web application security testing software can help drive cost out of an online operation by automating manual processes and identifying and prioritizing issues for immediate remediation. With this capability, customers are better able to control costs and protect against the increasing number of threats targeted at the application level, including web services, while also addressing compliance issues. Watchfire’s software and services also help delivery and development organizations address potential security risks before applications are moved into production.
4. What is creating the need for Watchfire technology?
A. Enterprises are faced with a growing number of threats both from internal and external sources. As a result, security is a top-of-mind concern for IT and business administrators alike. With web application security the #1 focus of hackers, and with 75% of breaches at the application layer, there is a need to quickly address security issues at the earliest phase of the web application lifecycle, thereby minimizing risk and helping to ensure cost savings down the road. Furthermore, government regulations as well as industry and business requirements are driving the need for increased security vulnerability and compliance technology throughout the entire web application lifecycle, from the development cycle into operations. Addressing the security vulnerabilities during the development cycle can save corporations time and money and can significantly mitigate risks.
5. How will Watchfire technology be integrated into the IBM software portfolio?
A. IBM’s intent is to integrate Watchfire into IBM’s Software Group as part of its Rational Software division. Product integration plans will be further developed as a part of the integration process after closing. Until the acquisition closes, IBM and Watchfire will continue to act as separate entities.
6. What products does Watchfire provide?
A. Watchfire offers two suites of products for security vulnerability and compliance testing. The essential business issue these products solve is mitigating risk (cost) associated with data breaches and compliance issues. A secondary business issue is reducing costs by automating manual processes.
Watchfire’s AppSecure AppScan 7.5
-
AppScan 7.5 is a leading web application security testing suite that provides comprehensive remediation tasks at different levels of the application.
- AppScan is used by customers to provide security vulnerability testing throughout the web application development lifecycle, easing unit testing and security assurance efforts early in the development stage.
AppScan Enterprise
- AppScan Enterprise is a web application vulnerability scanning and reporting solution for the enterprise. It is server based and provides centralized control.
- AppScan Enterprise is used by customers to understand their overall security posture with executive security metrics and dashboards and key compliance reporting. AppScan Enterprise can also be used to seamlessly roll application security vulnerability testing throughout the enterprise to security professionals, developers, and quality assurance without the need to deploy desktop software.
AppScan OnDemand
- AppScan OnDemand is a hosted solution for companies that prefer to outsource application security vulnerability testing. There is nothing to install (except your browser), no hardware to buy and no software to maintain.
- Customers use this service to test applications for security vulnerabilities. They use the service because they need to scale their security teams or if they have little or no application security expertise in house.
WebXM
- WebXM is a web application compliance product that provides automated online risk scanning to allow customers to audit privacy, quality, accessibility and compliance issues across corporate websites.
- Customers use this product to help them ensure that their corporate websites are not exposing them to various risks.
|
