Symantec to Acquire SecurityFocus

cbv writes "Symantec Corp. today announced the acquisition of SecurityFocus for approximately US$75 million in cash. The press release reads, 'With this acquisition, Symantec will offer customers the most comprehensive, proactive early warning system across the broadest range of threats.' The transaction is expected to close by early to mid-August 2002."

Full Disclosure Mailing List

[eejack]

There was a new list started about 2 weeks ago, directly because of this potential issue:

Here was the announcement:

Subject: Announcing new security mailing list

We are pleased to announce the creation of a new security mailing list
dedicated to FULL DISCLOSURE. When Scott Chasin handed over the bugtraq
mailing list, it was clearly dedicated to the immediate and full
dissemination of security issues. The current bugtraq mailing list has
changed over the years, and some of us feel it has changed for the worse.

If you believe in full disclosure, and wish to participate in unfettered,
and unmoderated discussions, please feel free to subscribe to the new
mailing list by accessing http://lists.netsys.com

Where is Symantec headed?

[drew_ri]

This is interesting news. It is a loss to the security community at large, since securityfocus was such a great resource, although once they went commercial it lost a lot of its appeal to me. Symantec is really positioning itself to be the M$ of security here. About 8 months ago, I was at a meeting with some of their top Sales and Product Dev. folks, and they presented their offerings roadmap. It included an appliance which would:

Serve as a FW/VPN

Act as a network IDS

Serve as a management console for Host IDS

Act as the A/V Manager
Because they have agents installed on every machine when you run Intruder Alert, NAV, or other tools, it would allow them to sync up the status of a host, network, etc. with the mothership at Symantec-Focus, and determine in real-time what devices are vulnerable. This is kind of cool in concept but not easy in execution.

My concern is that they already have bought other products, which are completely jacked up and are still not fixed. I spent my Thanksgiving morning last year doing a disaster recovery on a Symantec Intruder Alert System...what a mess that product is...where is the high availability, the fault tolerance, etc.? Again...cool concept, crappy execution.

This merger puts Symantec in direct competion with folks like eSecurityOnline, and I can tell you that for people already in bed with Symantec who have legal obligations to stay on top of vulnerabilities (e.g. Banks) this makes it a one stop shop for them. I see it as a conflict of interest. They should buy a couple of pen-test companies while they're at it and they can even validate their product implementations are secure ;)

Other acquisitions

[LiNT_]

They also acquired Recourse Technologies and Riptech. Symantec corporate

I don't trust that list either...

[ShaunC]

The "announcement" of the Netsys list's creation was spammed to everyone who's posted to BugTraq lately. Let's see: unsolicited, bulk, advertising something, and sent to email addresses scraped from a webpage or mailing list. In my world, that's spam. What's worse, the list's owner - Len Rose from Netsys - said that people who were unhappy about the spam were "lunatic diehards". He then proceeded to tell one of them in particular to, quote, "FOAD."

I don't trust a spamming pompous ass to run a security list any more than I trust Symantec to do it. I'm sorry, but Netsys really dropped the ball on this one; I'm not about to hand my email address over to them.

Shaun

Proxomitron

[Futurepower(R)]

Proxomitron sees all, filters all. Regexp your Internet connections.