Why Cisco Is Acquiring ThreatGrid
Mitch Wagner, West Coast Bureau Chief, Light Reading
SAN FRANCISCO -- CiscoLive -- Cisco's acquisition of ThreatGrid, announced Wednesday morning, will enhance network protection by improving the ability to scan suspicious files for possible threats, a Cisco executive said.
The four-year-old ThreatGrid, based in New York, sandboxes suspicious files, runs and analyzes the files, and provides information on whether they contain security threats, said Scott Harrell, vice president of product management for security at Cisco Systems Inc. (Nasdaq: CSCO). ThreatGrid can perform the analysis in the cloud or in an appliance installed on customer premises. (See Cisco to Acquire ThreatGrid Security.)
Security managers can submit files manually, or they can be submitted automatically by security software using APIs built into the ThreatGrid technology. ThreatGrid integrates with enterprise security information and event management (SIEM) systems.
"When the verdict is rendered -- is the file bad, or is it good, and what's the threat level of the file on a scale from 0 to 100 -- that information is fed back to the end user, whether by web portal to a securty analyst, or it can be fed into SIEM tools for analysis," Harrell said.
The service's availability as an on-premises appliance makes it attractive to enterprises that need to keep control of their data, either for regulatory reasons or because they are international enterprises that won't use the cloud, Harrell said.
Cisco already integrates ThreatGrid into the Advanced Malware Protection suite of security products originally developed by SourceFire, which Cisco acquired last year. The acquisition will make it possible for Cisco to integrate ThreatGrid more tightly. Also, Cisco will integrate ThreatGrid's 25 employees and leadership team into the company ranks. (See Cisco Banks on Sourcefire & Snort for Security.)
"A big part of this acquisition is the tech team and the leadership of that team," Harrell said.
Cisco would not disclose financial terms of the friendly acquisition, but it says it expects to close the deal in the fourth quarter.
John Chambers, Cisco CEO and chairman, identified security as a strategic business for his company. Delivering a keynote at CiscoLive this week, Chambers said Cisco intends to be No. 1 in the security vendor market. (See Cisco's Chambers Predicts 'Brutal' Tech Consolidation and Cisco Aims for '#1' in Hybrid Cloud.)
Want to learn more about SDN and the transport network? Check out the agenda for Light Reading's Big Telecom Event (BTE), which will take place on June 17 and 18 at the Sheraton Chicago Hotel and Towers. The event combines the educational power of interactive conference sessions devised and hosted by Heavy Reading's experienced industry analysts with multi-vendor interoperability and proof-of-concept networking and application showcases. For more on the event, the topics, and the stellar service provider speaker lineup, see Telecommunication Luminaries to Discuss the Hottest Industry Trends at Light Reading's Big Telecom Event in June.