Symantec builds double-clad security service

Plans to integrate two existing alert services in bid to tap compliance market.

Symantec plans to launch a security service on Monday that combines two existing offerings in one, a bundle designed to help customers comply with regulations and defend better against digital threats.

The Cupertino, Calif.-based security company is knitting its Early Warning Services together with its Managed Security Services to create Global Intelligence Services.

"We estimate 10 to 20 percent of our customers use both services. But they have been saying it would be better to integrate them, so they could be embedded into their network," said Dee Liebenstein, product manager in Symantec's Global Services and Support group. "With both pieces, they can compare their data with the global data. And this unique reporting data gives them the ability to do security benchmarking for regulatory compliance."

The introduction of the combined service comes as companies work to comply with regulatory requirements to secure sensitive business information against exposure and attack. These regulations include financial reporting rules under the Sarbanes-Oxley Act and health care privacy mandates set forth in the Health Insurance Portability and Accountability Act, also known as HIPAA.

Symantec's Early Warning Service, with its network of 20,000 sensors around the world, sends out advisories to customers about looming security threats such as viruses and software flaws. New vulnerabilities are monitored, and customers are alerted to protect their networks if the threats apply to their industry or computing environment, Liebenstein said.

With Managed Security Services, Symantec manages and monitors customers' networks, checking security measures such as firewall logs. Businesses with systems under attack will be notified by Symantec of the attempted breach and offered advice on how to secure their network to prevent damage.

"The time from exploit to attack is shrinking. A couple of years ago, it was common for worms to target a vulnerability that was six months old or older," Liebenstein said. "But over the years, that time is shrinking. In May, the Sasser worm targeted a vulnerability that was 19 days old. Exploits are popping up an average of 5.8 days from the time the vulnerability is identified, during the first six months this year."

Symantec is trying to attract large and midsize businesses that want to be notified both of potential attacks coming down the pike and of actual attacks on their networks. The services compete with offerings from security rivals such as McAfee, MessageLabs and Sophos.

Both Managed Security Services and the Early Warning Service will also continue to be offered as stand-alone services, Liebenstein said. The combined offering will be available in the United States on Monday.