IBM has acquired CrossIdeas, a security vendor offering tools to manage corporate compliance through identity controls and governed access to applications and data in cloud and on-premise systems.
IBM announced on Thursday it had acquired the Italian security vendor, adding to Big Blue's broad portfolio of security services that has already seen it become the world's third largest security vendor by revenue.
CrossIdeas, already an IBM partner, is intended to help the company's customers reduce the risk of fraud, conflicts of duties, and human error in business processes.
Terms have not been disclosed for the deal, which beefs up the IBM's push for the enterprise security market. It's last major security purchase came last year with its $1bn acquisition of Israel-US security vendor Trusteer.
CrossIdeas, founded in 2011, will be added to IBM's identity and access management portfolio, giving Big Blue improved capabilities to mitigate access risks and segregation of duty violations — useful in finance, manufacturing and other industries.
One such example would be a stock trader who, through a promotion, gained access to authorise trades in two systems in such a way that it violated internal controls required for compliance. CrossIdeas' technology would help auditors detect and remediate these violations before they become a security risk, according to IBM.
It also offers auditors and risk and compliance managers an intelligence dashboard for identity management that exposes user access to help align compliance and access risk requirements and allows auditors to evaluate access risk and segregation of duties across enterprise-wide applications.
"The addition of CrossIdeas extends IBM's market share leading portfolio of identity and access management capabilities," said Brendan Hannigan, general manager of IBM Security Systems.
"IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."
IBM has been making large gains in the enterprise security market at the expense of pure-play security vendors. According to recent figures by Gartner, with revenues up 20 percent year on year in 2013 to $1.14bn, it became the third largest security software vendor, behind Symantec and McAfee.
Earlier this year IBM announced its new IBM Threat Protection System and the Critical Data Protection Program, which is the culmination of two years of internal investments and acquisitions that besides Trusteer, includes Q1 Labs, Guardium, Ounce Labs, Watchfire and Fiberlink/MaaS360.
IBM has also teamed up with content distribution network Akamai to help customers stave off traffic attacks in the enterprise.
Read more on this story