Sourcefire acquires Immunet for cloud-based anti-malware

Sourcefire today announced it has acquired start-up Immunet for $21 million, including $17 million paid at closing and $4 million expected to be paid over the next 18 months upon “achievement of product-delivery milestones related to the enterprise version of Immunet’s product.”

Tech M&A deals of 2010

John Burris, CEO of Sourcefire, which makes intrusion prevention products and shepherds the open-source Snort, called Immunet a “disruptive innovator in delivering cloud-based solutions with over 750,000 users in 192 countries.” Burris said in a statement the acquisition of Immunet would help Sourcefire accelerate its cloud initiatives. Executives acknowledge the Immunet acquisition puts Sourcefire in direct competition with traditional anti-malware providers.

In a call with analysts, Burris said Immunet enhances Sourcefire as a “strategic security provider” and said it helps Sourcefire make use of open-source Clam A/V, another acquisition.

Sourcefire founder Martin Roesch said the Immunet approach, which uses Clam A/V, is to leave anti-virus signatures in the cloud in a platform that Sourcefire expects to use for threat information-sharing over time with Snort, open-source Clam A/V and Sourecfire’s Razorback project. In terms of security, “we can now see what’s on people’s desktops,” said Roesch about the value of Immunet in expanding Sourcefire’s threat-monitoring capabilities.

Immunet offers both a free and paid version of its consumer product. In response to analysts’ questions, Burris acknowledged the number of paid subscribers is not “huge” today, without providing more detail. He also said some enterprise adoption is already evident.

Greg Fitzgerald, senior vice president of Sourcefire, said Immunet today has a consumer-based anti-malware product and the enterprise version would proceed in cooperation with Sourcefire, though it is not yet clear how the management console would be designed. Roesch said the enterprise version is expected to be ready in late 2011. Sourcefire will be promoting the consumer side of the product now.

Sourcefire is expected to retain Immunet personnel, including founders Oliver Friedrichs, Alfred Huger and Adam O’Donnell. In a statement, Friedrichs said adding Immunet will give Sourcefire a boost in endpoint protection.

Founded in 2008, start-up Immunet last year had about 10 employees. In a 2010 interview with Network World, Friedrichs called Immunet “the next-generation antivirus product” which is based on a “cloud-styled antivirus platform that will work with a fairly lightweight desktop agent to block and destroy malware.” Fredrichs also said Immunet received $2 million in funding from ALTOS Ventures and TechOperators.

Fitzgerald acknowledged the Immunet acquisition expands Sourcefire further into becoming a full-service security firm, putting it directly in competition with traditional anti-malware vendors including Symantec, McAfee and others.

The Immunet software is designed to coexist with other anti-malware software, but Fitzgerald adds, “Our angle in this is coexistence with existing technologies until enterprises recognize the protection this provides is quicker and more effective.”

Without going into detail about its finances prior to a February earnings announcement, Sourcefire acknowledged its business with the federal government is down substantially due to the government’s belt-tightening, though its commercial sales are strong.

In other technology initiatives, Sourcefire has committed to introducing a next-generation firewall later this year.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags sourcefireIDSsecurityIPSanti-malware

More about Cisco SecurityLANMcAfee AustraliaSymantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts