Forcepoint Acquires RedOwl in UEBA Security Push


Forcepoint has acquired RedOwl, bolstering the company's user and entity behavior analytics (UEBA) capabilities.

Forcepoint, formerly Websense, is one of a growing number of cybersecurity companies using UEBA technology to thwart attackers, malware and other threats to enterprise networks. UEBA products generally work by analyzing user behavior, detecting suspicious activities and alerting IT security personnel, allowing them to put a quick end to potential breaches.

"The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets," said Matthew P. Moynahan, chief executive officer of Forcepoint, in an Aug. 28 announcement. "Forcepoint is absolutely committed to empowering customers with human-centric security systems, and RedOwl fits squarely into this promise."

Heath Thompson, senior vice president of Data and Insider Threat Security at Forcepoint, said his company will "be making the newly named Forcepoint UEBA available beginning immediately, and over the coming quarters UEBA capabilities will be integrated across the company's portfolio, as well as with customers' existing cybersecurity technologies," in a blog post.

The addition of RedOwl's security will also bolster Forcepoint's security compliance capabilities for its customers, Thompson said. Further, RedOwl's "UEBA capabilities will allow Forcepoint to provide a key foundation for this new generation of risk-adaptive DLP [data loss prevention]. And with RedOwl, we can take into consideration not only cyber sources but also human-centric databases and applications."

Forcepoint isn't the only vendor integrating UEBA into its broader security portfolio. In fact, Gartner expects that by 2022, there will no longer be a market for standalone UEBA products as cybersecurity companies work the technology into their endpoint security, identity and access management (IAM), , security information and event management (SIEM) and other solutions.

Meanwhile, the UEBA market is contracting.

Earlier this year, Hewlett Packard Enterprise (HPE) acquired UEBA vendor Niara. HPE is using Niara's technology to strengthen its Aruba ClearPass network access control and management platform, the company announced in February.

Also in February, Palo Alto Networks announced that it had completed the $105 million acquisition of LightCyber, another UEBA company. LightCyber's products use machine learning to analyze user activity and spot anomalous behavior that can indicate the presence of an attack. And in July 2015, Splunk acquired UEBA solutions provider Caspida in deal valued at $190 million.