Trend Micro makes DLP move, Symantec stands pat

Trend Micro has made its move in the red-hot (DLP) data leak prevention business, snapping up Provilla, a two-year-old company that markets DataDNA fingerprinting technology.

Financial terms of the deal were not released.

The Japanese security powerhouse plans to operate Provilla as a subsidiary of its U.S. affiliate and continue to offer Provilla's stand-alone products for the near term. These include LeakProof, a service that uses "fingerprinting" technology to scan file servers to create document signatures. LeakProof than monitors access and enforces policy -- through any port, on every PC, at all times.

Gradually, Trend Micro says it will integrate Provilla's capabilities into its own enterprise, small and medium business products.

The Trend Micro moves comes in the midst of heavy consolidation -- and roll-up speculation -- in the DLP space.

Rival McAfee recently shelled out $350 million to buy SafeBoot, $20 million to acquire Onigma and unveiled a new

risk management strategy to take advantage of the lucrative market for database protection products.

One company that appears to be standing pat on the acquisition front is Symantec. Speculation on a long-rumored deal for Vontu heightened last week with word that Big Yellow would spend between $300 million and $350 million for Vontu but sources tell me the two sides "couldn't get close" on the valuation/price tag for the acquisition.

A Symantec/Vontu marriage makes total sense (scuttlebutt has been around since 2006) and the acquisition could still happen eventually but there's no immediate deal to announce.

On yesterday's earnings call, Symantec boss John Thompson had this to say about his company's DLP strategy:

Another area of growing interest for our customers is Data Loss Prevention or DLP. There has been some recent speculation about our intentions in this space. Suffice it to say, it’s an important area for our customers and we have a very strong sense of how the technology solutions will evolve in this area. We believe that true DLP solutions require the layering of technologies in a similar manner as malicious code detection has evolved. No single technology addresses all of the requirements of a true DLP solution.

...Over the past several years we have been adding complementary DLP technologies to our compliance, messaging security and archiving products through a number of important acquisitions. We also continue to develop our own technology with our recent introduction of new or upgraded products that assist with data loss prevention.

That sounds very much like M&A activity (a Vontu buy) is still very much on the cards but it looks like Thompson is happy with a build-it approach. Or, it could all be negotiation posturing.