IBM To Buy Web App Scanning Firm Watchfire

The deal, subject to regulatory approval, is expected to close in the third quarter. Financial details weren't disclosed.

Watchfire's flagship AppScan vulnerability assessment tool scans public-facing Web sites for vulnerabilities and can root out flaws in a company's internal Web services and applications. Watchfire also makes WebXM, a tool that organizations can use to audit Web sites for compliance issues.

Last November, Watchfire added automated testing for applications that use two-factor authentication technologies, which banking institutions are required to have in place to combat fraud.

Watchfire's technology fits in well with IBM's governance and risk management strategy and, combined with IBM Rational software, will help customers deal with security and compliance issues at an early stage of the application development cycle, according to IBM.

Watchfire partners with FishNet Security, Kansas City, Mo., as well as a host of international resellers, and has consulting partnerships with IBM Global Services, Symantec and Verisign, among others.