IBM Acquires Ounce Labs, Bolsters App Security OfferingsBy Ericka Chickowski | Print
Big Blue says the purchase was largely carried out in order to fold Ounce’s application testing capabilities into its Rational Software division.
IBM picked up yet another high-profile security solution developer to add into its portfolio with the announcement today that it would gobble up Ounce Labs, a Waltham, Mass.-based developer of application security testing tools.
This latest buy by IBM further emphasizes the company’s commitment to developing or acquiring the capabilities to offer a fully fleshed out security framework for its customers and partners.
Ounce is well-respected within the security community for its research into application vulnerabilities. Through its primary focuses on static application security testing and governance risk and compliance advising, the company reports that it has experienced unusually strong growth during the current economic slump. According to a recent announcement, Ounce reported that year-over-year quarterly bookings grew 80 percent during the second quarter of 2009 and up 60 percent during the first quarter.
IBM did not disclose the financial purchase of Ounce, which was privately held, but it did note that the purchase was largely carried out in order to fold Ounce’s application testing capabilities into its Rational Software division.
Secure code development has been a hot topic recently, given the prevalence of attacks within the application stack and the growing need to comply with Web application security components of regulations such as PCI DSS. Earlier this month, in fact, Verizon Business announced the Verizon Business Application Security Program</a> to address just this risk.
"Secure applications are vital to information integrity and continuity in government and business. The complexity of today's systems and the sophistication of attacks require comprehensive technology," said Dr. Daniel Sabbah, general manager of IBM Rational Software, in a statement. "The acquisition of Ounce Labs allows IBM to provide customers an end-to-end application security testing solution for managing security and compliance across all stages of the software delivery process."
Ounce technology will be integrated into the Rational AppScan suite of Web application security and compliance testing solutions, Sabbah says. With the acquisition IBM hopes to better round out its application security offerings so that Rational can offer a full range of analysis throughout the software development lifecycle.