I guess it was just too logical not to happen. Seriously, very happy for my friends at Alert Logic on their acquisition of ArmorLogic which was announced this morning. ArmorLogic has built a good reputation with a quality WAF product called Profense.
Web App Security is a huge issue right now. In spite of the fact that WAF and other web app security has been around for a while now, we have not seen the critical mass of uptake that we would expect. That’s what I think is the special sauce in the Alert Logic acquisition. In speaking with Gray Hall, Urvish Vashi and the rest of the Alert Logic team they believe that taking their Security-as-a-Service formula (which includes SaaS security solutions wrapped with a managed service option manned by an expert security team) the WAF will be more accessible, affordable and manageable than any WAF on the market today. If they can pull that off, combined with their strong channel of hosting and cloud providers, it could be a game changer in the WAF market.
Of course I do consulting work for Alert Logic, so want to make that disclosure clear. However, I agree with the AL team’s view of this. I think WAF like much security technology today is beyond the grasp for several reasons of the average organization. It is too complex, too expensive and just plain too hard. Alert Logic has a good record of taking care of security for their partners and customers. It is that Security-as-a-Service model again that I think is the special sauce that will ignite WAF.
So congrats to my friends at Alert Logic on the acquisition. Looking forward to more announcements next week at RSA from them as well.