"Two or three years ago, point products could get away with not being enterprise-ready, and not really being aware of how enterprise software is deployed and maintained over a life cycle," says Dave Barrett, general partner with Polaris Venture Partners of Waltham, Mass. "Now a second wave of security solutions is available that really do understand how to be installed and used inside the enterprise, to help IT maintain them over a life cycle."
Barrett, a former executive With Calico, Pure Atria Software and Lotus Development, focuses on information technology opportunities for investment. The focus in today's economy is on doing more with less and reducing the total operating burden.
Security products that enable a single sign-on are also hot. Imprivata, in which Polaris has an investment, is one example. The company is close to releasing a security appliance for single sign-on. Another example is Novell, whose Nsure product for identity management includes Secure Login for single sign-on.
How can they be detected?
"A number of companies are building algorithms based on behavior models that can pinpoint the internal attacks and see if they can build a predictive model, so that a similar attack does not happen again," Barrett explains. "It's a compelling area."
The convergence of security management products with network and applications management products is another trend.
"IT managers want a single-console approach to aggregating and correlating security alert information from inside and outside the network," Barrett says.
Correlating that information with data coming from infrastructure tools, can help reduce cost of ownership. Incumbents pursuing this market include Computer Associates, BMC, IBM's Tivoli and Hewlett-Packard, but a number of startups are also involved.