Cambia’s agentless configuration auditing technology will nicely complement nCircle’s own IP360 network security products that scan devices for security risks and bugs and determine whether a corporate firewall is properly configured and password-secure.
Cambia’s CM technology runs as an appliance and works by analyzing how changes in system configurations impact corporate configuration standards and policies for audit and control purposes. The technology has a built in library of standard policy configurations like CIS and NIST and also includes prescriptive policies for regulations like HIPAA, SOX and PCI.
nCircle will initially integrate Cambia’s technology into its IP360 platform initially via consolidated reporting interfaces and later through centralized command and control interfaces.
Full integration of the two technology sets is likely to take around 18 months to complete. In the meantime nCircle will continue to sell Cambia as a standalone appliance, re-branded as nCircle Configuration Compliance Manager.
While specific terms of the deal have not been made public, it was an all-stock acquisition that amounted to 15% of the value of privately-held nCircle.
Cambia is based in Alpharetta, Georgia and employs around 25 staff, all of whom will be retained.
Our View
Recognizing that it is operating in a consolidating network security market, nCircle has cleverly designed its platform to integrate complementary technologies. That’s an astute move as increasing government and industry regulations and escalating audit fees demand a more comprehensive approach to security risk and configuration compliance. As the market is increasingly focusing on business risk management as opposed to point security products, traditional agent-based tools are now being supplanted by agentless technologies that lower the cost of deployment and management and provide more comprehensive coverage of network-enabled devices.
