While it normally takes companies a considerable amount of time to close acquisition deals, HP has closed the Fortify deal in almost record time and is already looking at how to integrate security analytics products. IBM has also been buying security for business analytics and if you thought Agility and GRC are like chalk and cheese, think again!

Oracle Adds Health to Security Governor

It's Open World this week, so lets have a look at Oracle (news, site). With health, compliance and risk now big business, Oracle has just introduced Oracle Security Governor for Healthcare, a new component of the Oracle Health Management Platform.

Oracle Security Governor is an integrated, out-of-the-box security governance solution specialized for the needs of healthcare organizations. It provides both retrospective fraud detection and real-time fraud.

Built around Oracle Identity Management 11g as well as Oracle Data Mining and Oracle SOA Suite, Oracle Security Governor offers risk-monitoring capabilities such as analytics and reporting to provide complete visibility into data and application access and suspicious insider activity.

With governance and risk as its principal focus, its core capabilities include:

  • Historical privacy and security breach detection
  • Real time privacy and security breach detection
  • Rapid incident investigation
  • Automated privacy

Still time for more from Oracle this week so we’ll be keeping an eye-out.

IBM Adds Security to BI

IBM has also been busy with security, this time adding it to their business analytics. Last week, Big Blue (news, site) announced that it was buying Open Pages, a MA-based company that develops risk and compliance software for business.

When the deal is closed, IBM intends to add the company to its business analytics portfolio rather than to the Tvioli part of its business that benefited from the BixFix security acquisition last July, an indication that Open Pages will be sold as part of its data analytics packages on which IBM has spent a whole pile of money over the last ten years.

Terms of the deal were not disclosed and it is not possible to estimate how much it might be worth. However, none of the deals done recently have been cheap -- the BigFix deal was estimated to be worth US$ 400 million.

Open Pages enables enterprises to view data from different systems to get an idea of a business's total exposure to danger. It already has quite a reputation with over 200 clients, many of them Fortune 500 Companies including Duke Energy, Allianz and BP. Want to find out more?

ArcSight Upgrades Risk Assessment Platform

Only a week after HP announced that it was going to buy ArcSight, ArcSight has announced several major enhancements to the key components of its Enterprise Threat and Risk Management (ETRM) platform.

New features and functionality will now be included in ArcSight Enterprise Security Manager (ESM), the core analysis engine for managing threats and risks within the ArcSight platform, and ArcSight Logger, the fundamental log storage and search solution within the ArcSight platform.

In addition, ArcSight has enhanced ArcSight IdentityView to take advantage of new platform features in ArcSight ESM and added new functionality to the ArcSight Connectors.

The platform gives organizations visibility into who is on the network, what they are seeing and doing, and how that impacts business risk, regardless of the types of architecture, applications or services used.

All upgrades come with connectors that enable it take any kind of information from any type of legacy system.

HP Closes Fortify Deal

For the record, and in record breaking time, HP (news, site) has announced it has just completed its acquisition of Fortify Software.

The combination bridges static and dynamic security analysis across the application lifecycle to help users reduce business risk against malicious attacks.

The deal is no real surprise as they have collaborated before on a number of projects including the release of the advanced security analysis software Hybrid 2.0 in February. There have also been rumors for months that the acquisition was on the cards.

With Fortify, HP can build enterprise application security programs from the ground up rather than adding them as an afterthought and in doing so create far more robust security systems across entire application lifecycles.

It will be able to accelerate development of this technology to give clients the accuracy and prioritization they need around security vulnerabilities to build scalable enterprise application security programs.

In short it means that using Fortis, security can be added from the ground up and into the blueprints of the application from the very start.

Once the deal is closed, Fortify and its management team will be gradually absorbed into HP’s Software and Solutions business with its products becoming part of its Business Technology Optimization application portfolio. However, initially Fortify will remain as a standalone to ensure support for existing customers. HP says it will announce product integration news at a later date.

Content Management Agility for GRC

And finally you may have noticed this week that we have been focusing a lot on information management agility in the enterprise. It may not be obvious, but it has considerable implications in the GRC space as Kimberly Samuelson of Laserfiche (news, site) explains in her article Content Management Agility for Organizational Sustainability thru GRC.

While most people think of implementation of GRC as causing information lock-down, in actual fact it fosters a path for organizations to maintain sustainability, all anyone is really looking for in the current economic climate. Check it out.