BYOD is starting to become a big business driver. I’m talking about “Bring Your Own Device,” the corporate practice of letting employees use their personal smartphones, tablets, and other computers for work purposes. As you can imagine, this is a major challenge for IT departments, which need to make sure the software and business data on these devices are secure and accounted for at all times.
Enter Veracode, an application security firm in Burlington, MA, which says today it has acquired Marvin Mobile Security, based in Berkeley, CA, for an undisclosed price.
Veracode is known for its Web-based security testing platform, which detects vulnerabilities in code and generates a prioritized report of flaws for big companies. The firm has been active in security verification of enterprise mobile apps, but it hasn’t been sophisticated about figuring out exactly what the apps might be doing on employees’ devices—such as tracking location, accessing users’ address books, connecting to remote servers, affecting network bandwidth, spreading malware, and so forth.
Marvin, a small startup led by founder and CEO Theodora Titonis, has software that addresses that mobile-app problem using machine learning, behavioral analysis, and other techniques. In particular, Marvin’s technology does a quick malware check that Veracode plans to incorporate into its mobile offering.
“This is a great opportunity for us to take their technology and bring it to bear on our customers,” says Bob Brennan, Veracode’s CEO. “It expands the company’s addressable market” in a way that’s “directly adjacent.”
The deal also underscores the growing importance of mobile-app security and management in the post-PC era—especially for enterprises. As “software” increasingly means “mobile software,” a lot of tech firms will be jockeying for position to be the end-to-end service that big companies need. “More and more applications are going to be mobile. That feels inevitable,” says Brennan. “The number one issue is security.”
The hard work of integrating Marvin’s technology into the business falls to Sam King, Veracode’s executive vice president of corporate development. “The challenge is if there are areas of overlap in your core technology and what you’ve acquired,” she says. “But we are complementary, there’s no overlap. We’re not keeping just the Marvin part or the Veracode part, we’re keeping all of it.”
Titonis, Marvin’s CEO, is joining Veracode as vice president of mobile security and will remain based in Berkeley. So Veracode now has a small presence in the San Francisco Bay Area.
We’ve previously written about Veracode as being one of the Boston area’s biggest technology bets, with $74 million in venture funding raised and now more than 200 employees. Brennan came in as CEO in late 2011. He was previously the president and chief executive of Iron Mountain (NYSE: [[ticker:IRM]]), the multibillion-dollar data protection and information management firm.