IBM To Acquire Web App Scanning Firm Watchfire

The deal, which is subject to regulatory approval, is expected to close in Q3 2007. Financial details weren't disclosed.

Watchfire's flagship AppScan vulnerability assessment tool scans public-facing Web sites for vulnerabilities, and can also root out flaws in a company's internal Web services and applications. The vendor also makes WebXM, a tool organizations can use to audit websites for compliance issues.

Last November, Watchfire added automated testing for applications that use two-factor authentication technologies, which banking institutions are required to have in place to combat fraud.

Watchfire's technology fits in well with IBM's governance and risk management strategy, and combined with IBM Rational software, will help customers deal with security and compliance issues at an early stage of the application development cycle, IBM said in a statement.

Watchfire partners with FishNet Security, Kansas City, Mo., as well as a host of international resellers, and has consulting partnerships with IBM Global Services, Symantec, and Verisign, among others.