Another application security vendor is being acquired by a large software company. Today, HP announced that it plans to acquire SPI Dynamics Inc., a leading provider of Web application security assessment software and services.
SPI Dynamics will be integrated into the Software unit within HP's Technology Solutions Group.
Jonathan Rende, vice president of products, Quality Management Software, Software, HP, said the acquisition adds a new dimension to what HP already does.
"This is a great fit with the HP portfolio," he said. "We have a massive amount of commitment to the enterprise software space. This adds a new chapter to the enterprise software side of the house -- security assessment."
"Security assessment and vulnerabilities are synonymous with defects, and the sooner you find them, the better," Rende continued. "We wanted to stake a claim in the Web application security space, and the best way to do that is to acquire a leader."
SPI Dynamics technology, which is already integrated with HP Quality Center software, enables customers to assess and identify security vulnerabilities along the entire development life cycle of Web applications -- from development, quality assurance and deployment.
Customers can also use SPI Dynamics software to validate application security and quality after deployment and to meet auditing and compliance requirements, such as Sarbanes-Oxley. SPI Dynamics products include WebInspect, DevInspect, QAInspect and Assessment Management Platform.
Brian Cohen, chief executive officer of Atlanta-based SPI Dynamics, said the combination of the two companies will allow SPI Dynamics to scale and provide its customers with "the industry's most comprehensive application quality, performance and security assessment solutions."
Caleb Sima, CTO and co-founder of SPI Dynamics, agreed that the investment by HP will enhance the SPI Dynamics technology and believes the products will remain robust. "I think HP will try to make SPI their security center," he said.
Cohen said SPI Dynamics customers need not worry about the acquisition. "We've had numerous customers ask about an acquisition like this many times," he said. "Generally speaking, customers will be very pleased by this acquisition."
The acquisition of SPI Dynamics, which is expected to be completed in the third quarter, follows IBM's announcement to purchase Watchfire. Rende said the timing is coincidental, as HP had been talking SPI Dynamics for over a year and a half. Cohen added, "It's an indication of the acceleration of the consolidation of this industry."
Those two acquisitions show that application lifecycle vendors are serious about security being part of the application lifecycle, said Theresa Lanowitz, former Gartner analyst and founder of analyst firm voke Inc.
"For HP, this acquisition is a long-awaited first sign that signals they may actually understand the importance of the application testing business acquired via Mercury," she said. "Users of both HP and IBM technology will benefit from the integration of the application security tools and solutions. Watch for Microsoft to follow their lead."