Trend Micro purchases Immunio to enhance software security offering
Security firm Trend Micro announced it has recently acquired Immunio, a startup focused on web app security, in a bid to expand its hybrid cloud security to DevOps. The company intends to combine automation protection with a mix of additional capabilities from Immunio and in-house development.
Immunio is a Montreal based company founded in 2013, which has since received approximately $8 million in funding from Canadian and international venture capitals, such WhiteStar Capital, Real Ventures, Hoxton Ventures and BDC. Its platform is intended to protect web applications and APIs from cyber vulnerabilities. When a vulnerability within an app is detected, the platform thwarts the attack in real-team, enabling development teams to determine where the vulnerability was located and how to stymie it in the future.
Trend Micro noted that Gartner estimates that “By 2019, more than 70 percent of enterprise DevSecOps initiatives will have incorporated automated security vulnerability and configuration scanning for open-source components and commercial packages, up from less than 10% in 2016.”
“We are excited to acquire Immunio’s application protection technology, their team of application security experts and their customers,” said Bill McGee, SVP and GM of hybrid cloud security at Trend Micro. “Technology changes, like cloud computing and container platforms, are enabling faster application development. Immunio’s run-time application security allows our customers to increase protection against software vulnerabilities within the applications they are building.”
As part of the acquisition, Immunio’s web security application will be integrated into Trend Micro’s offering, which adds security to applications as they are written. Trend Micro also announced it is boosting its container-specific security capabilities with container image scanning, which allows security issues to be identified and addressed before production release. Users can scan images in the container registry, allowing development teams to fix issues prior to deployment and apply run-time protection capabilities based on findings from the imaging. The company said these capabilities will be generally available next April.
“Many of our advanced customers have adopted DevOps lifecycle practices and are using Trend Micro Deep Security in an automated way to provide server and application protection,” added McGee. These new advancements are extending the protection we provide and ensuring that organizations can continue to develop and deploy applications quickly while remaining secure.”