Google adds zynamics to its security capabilities

Contact: Wendy Nather, Ben Kolada

Reverse engineering and code analysis vendor zynamics just announced that it is being acquired by Google for an undisclosed sum. Google has made other security plays before, with the largest being the $625m purchase of SaaS messaging security vendor Postini in July 2007, but this is its first reverse engineering deal. Google isn’t providing details on the rationale for the transaction, but we suspect that the target could be used for a number of purposes, including inspecting its ad streams for malware.

Bochum, Germany-based zynamics was founded as Sabre Security in 2004 by Thomas Dullien (aka Halvar Flake), who in 2007 was barred by the Transportation Security Administration from entry to the US as he attempted to travel to Las Vegas to present at the Black Hat conference. Google isn’t disclosing the deal terms, but when we covered zynamics back in 2008 we noted that it was profitable, with revenue of just over a half-million dollars. Google is retaining the entire zynamics team.

Google hasn’t divulged what it plans to do with zynamics’ IP and team, but given the target’s specialties, a pretty obvious use would be to check its hosted ads for malware, as well as improve detection of malware in the Android application market (given that Google just pulled 21 applications from the market today for security issues, this is an ongoing concern). We assume that Google will be using the zynamics assets to augment or replace what it’s presumably using today for these activities. But even in that case, Big G could have just licensed the software, which would mean that it plans to use the zynamics team and its talent to expand upon it for its own use – and since Google has such a wide footprint on the Internet, it’s a target-rich environment.