Symantec To Snap Up WholeSecurity

Symantec plans to buy WholeSecurity, a privately held firm that specializes in identifying viruses, worms and other malware by their behavior.

The purchase, announced Thursday, will help Symantec expand its arsenal of tools to fight changing threats by looking for signs of suspicious behavior as well as the traditional method of checking files against a list, or signatures, of known threats.

"It complements what we already have in our portfolio and makes it so we don't have to provide signatures to this technology," said Enrique Salem, senior vice president of Symantec Security Products and Solutions.

Financial terms of the deal, which is expected to close in October, were not released. Austin, Texas-based WholeSecurity has about 60 employees, and Symantec said it plans to retain as many of them as possible.

Once the acquisition closes, Symantec plans to offer standalone products with WholeSecurity's technology as well as incorporate it into Symantec security software suites.

WholeSecurity's technology also can be used to defend against attacks before signatures can be released.

"A lot of the new attacks are targeted at individuals or corporations, and so the notion of trying to write a signature for each one of these attacks doesn't make sense any more," Salem said.

JT Keating, WholeSecurity's vice president of marketing, said there's very little performance impact from the behavior-based detection of threats. Instead of scanning files, it monitors processes of programs running on a computer.

"We can scan a computer in a matter of seconds rather than minutes," he said. "My personal belief is it will change the landscape for what it means to have end-point security."

The acquisition was announced after the financial markets closed. Shares of Cupertino, Calif.-based Symantec closed at $21.19, down 13 cents, in Thursday trading on the Nasdaq Stock Market.