Qualys To Buy Threat Detection Startup NetWatcher To Strengthen Ties With MSSPs


Printer-friendly version Email this CRN article

Qualys plans to purchase the assets of NetWatcher to expand its reach into the real-time threat intelligence market and bolster its relationship with managed security service providers.

The Foster City, Calif.-based cloud security vendor said the acquisition will fortify its threat detection, incident response and compliance management capabilities for businesses of all sizes. The Reston, Va.-based startup provides businesses with a real-time view of potential security vulnerabilities such as weak passwords, unsafe behavior and outdated software, according to Qualys.

"Built on open-source components, NetWatcher has created a comprehensive cybersecurity and threat intelligence service that helps businesses of all sizes effectively manage cyberthreats, provide incident response, and manage compliance across on-premise, hybrid and cloud environments," Philippe Courtot, Qualys chairman and CEO, said in a statement.   

[RELATED: Q&A: Qualys CEO On Why Legacy Security Companies Won't Cut It In Cloud-First World]

NetWatcher leverages continuous network security monitoring to identify potential threats and vulnerabilities created by employees and external entities, as well as enable customers to remediate those security issues quickly, according to the company. MSSPs will be vital in offering and delivering NetWatcher's services to their clients worldwide, according to Courtot.  

The company's executive team will be incorporated into Qualys, with CEO Scott Suhy becoming vice president of strategic alliances and business development and founder and CTO Kenneth Shelton becoming vice president of engineering and real-time threat correlation platforms. NetWatcher was founded in 2012 and employs 12 people, according to LinkedIn.

Qualys's stock is down $0.75 (1.23%) to $60 per share in trading Wednesday morning. Terms of the deal, which will not have a material impact on Qualys' financials, weren't disclosed, and Qualys didn't immediately respond to requests for additional comment.

NetWatcher's on-premises or cloud-based sensors provide threat intelligence derived from correlating data from multiple sources such as intrusion detection, netflow analytics and log analysis, Qualys said. Endpoint sensors, meanwhile, provide log forwarding and behavioral monitoring on-premises and when mobile users are connecting to unsecure Wi-Fi networks.   

The company also presents notifications if users create vulnerabilities on the network by running risky or vulnerable software or sending personally identifiable information over the internet in clear text. For exploited assets, alerts are provided immediately through a customer portal, mobile app, reports, email and text, according to Qualys.

NetWatcher also delivers compliance reporting for programs such as HIPAA and PCI DSS that require log storage, management and monitoring.  

Qualys' cloud-based approach to security has historically made it difficult for the company to offer SIEM or log management tools, according to Nathan Wenzler, chief security strategist at Larkspur, Calif.-based AsTech Consulting.

Printer-friendly version Email this CRN article