Tripwire Acquires nCircle For Vulnerability Management, Reporting


Tripwire, Inc. said it is acquiring vulnerability management vendor nCircle in a deal to integrate the firms' software for greater reporting and analytics capabilities.

The acquisition is expected to be closed in April. Terms of the deal were not disclosed.

CEOs from both companies told CRN that the integrated companies could pit Tripwire more squarely against HP, IBM, Symantec and McAfee in the vulnerability and configuration management space. Tripwire provides file integrity monitoring, agent-based configuration management and log management. nCircle sells agentless configuration and vulnerability management software.

[Related: 5 Dangerous Web Application Flaws Coveted By Attackers]

In 2012, the two companies' combined bookings were approximately $140 million; together they had over 500 employees and more than 7,000 customers in 96 countries, Tripwire said.

The two companies often competed against each other for certain deals with their configuration management capabilities, said Abe Kleinfeld, CEO of nCircle. A combined portfolio is really what customers want, Kleinfeld said.

"They want to have flexibility to do the right thing for the right portions of the network, and they really want a single vendor to combine a complete product line in a unified product road map," Kleinfeld said.

San Francisco-based nCircle's Configuration Compliance Manager merges policy compliance and security management. The solution discovers all IP-enabled devices on an enterprise network and profiles their applications, services, vulnerabilities and compliance status. The company's 360 Security Intelligence Hub provides analytics and reporting capabilities for the software. nCircle also sells a cloud-based assessment suite for small businesses and offers a Web-based benchmarking service to provide metrics against other businesses.

James B. Johnson, CEO of Tripwire, said an integration road map is still being worked out. The goal of the integration is to combine products to increase visibility into the risks in the enterprise by boosting reporting and analytical capabilities, Johnson said.

"[Customers were] looking for a vendor that was as flexible as their networks were diverse," Johnson said.

Tripwire was acquired by private equity investment firm Thoma Bravo in 2011. The Portland, Ore.-based company's flagship product Tripwire Enterprise automates compliance and configuration management with its Tripwire Log Center and security event management for SIEM capabilities. Since the acquisition, the company has sought partnerships with other security infrastructure vendors.

Tripwire had great pedigree with file integrity monitoring and did one thing and one thing well, and they stuck to it, said Pete Lindstrom, principal and vice president of research at Spire Security.

"I can imagine them moving from their roots to potentially being a system log aggregator on steroids," Lindstrom said. "These guys like numbers, so it will be interesting to see if they can successfully integrate into a more dynamic approach to support evidence-based security."

PUBLISHED MARCH 11, 2013