Facebook is adding to its web security stable with the acquisition of Palo Alto, Calif.–based PrivateCore, a venture-backed trustworthy computing startup founded by VMware and Google vets in 2012.
Terms of the deal were not officially announced, but PrivateCore is reportedly funded by $2.3 million in investment capital.
The company has a technology called vCage, which protcts servers and the virtual machines running on those servers. The software attests the integrity of the servers, works to harden the environment to minimize the attack surface and applies encryption to data-in-use (memory)—all critical security aspects for cloud-based companies like Facebook.
Facebook finished implementing HTTPS encryption by default over a year ago, and has also been beefing up its data-center traffic security. PrivateCore’s offering will be used to target persistent malware, unauthorized physical access and malicious hardware devices.
“I believe that PrivateCore’s technology and expertise will help support Facebook’s mission to help make the world more open and connected, in a secure and trusted way,” said Joe Sullivan, chief security officer for the social network, in a Facebook post. “Over time, we plan to deploy PrivateCore’s technology directly into the Facebook server stack. I can’t wait to have them join Facebook.”
Obed Horovitz, CEO of PrivateCore, added that the two “have an aligned mission.”
“Facebook has done more than any company to connect the world, and we want to use our secure server technology to help make the world’s connections more secure,” he noted in a statement on the website. “Working together with Facebook, there is a huge opportunity to pursue our joint vision at scale with incredible impact. We know we will learn and grow as we continue developing our technology and making it stronger.”
Facebook has steadily made progress on implementing its own security force, including the launch of an in-house threat information network last year. Recently it announced the takedown of a botnet known as Lecpetex, capable of stealing social credentials and using unsuspecting machines for mining virtual currency.