Symantec secures WholeSecurity

Symantec has agreed to acquire privately held WholeSecurity, which makes products to fight phishing scams and detect malicious code attacks.

Venture-backed WholeSecurity is based in Austin, Texas, and employs about 60 people. Its customers include Deutsche Bank, eBay and Visa, according to the company's website. The acquisition is expected to be completed in October, Symantec said on Thursday. Financial details were not disclosed.

Symantec currently offers limited anti-phishing capabilities through its Brightmail anti-spam products. The WholeSecurity deal will expand Symantec's line-up that handles phishing fraud and detects worms and other attacks, said Enrique Salem, senior vice president for security products and solutions at Symantec.

Symantec is keen on WholeSecurity's threat detection, Salem said. The behavioural-based technology analyses the characteristics and actions of viruses, worms and other malicious code to safeguard networks. In the past, detection software has typically used signatures, or recognition of specific threats.

Salem said: "We already had a range of behaviour-based capabilities but the WholeSecurity technology is incredibly accurate." The patent-pending software looks at malicious behaviour as well as good behaviour to assess the risk. "Most behaviour-based technologies only look at malicious behaviour," he added.

Symantec plans to integrate WholeSecurity's technology into its own products, according to Salem.

WholeSecurity also maintains a list of phishing sites, known as the Phish Report Network. The list is used by eBay and Microsoft browser add-ons that aim to defend against fraud.

The announced acquisition of WholeSecurity is Symantec's second in as many months. In August, the Cupertino, California-based security software giant said it planned to buy compliance specialist Sygate Technologies. In July, Symantec completed the takeover of Veritas Software, which sells backup and management software.

Joris Evers writes for CNET News.com