Kisco Bolsters IBM i Security Business With DXR Buy

May 6, 2024 Alex Woodie

Kisco Systems has acquired DXR Security, the company co-founded four years ago by IBM i security expert Carol Woodbury. The deal immediately boosts Kisco’s position in the IBM i security space, and gives Woodbury an opportunity to cement her midrange legacy.

Woodbury started her computer security career in Rochester, Minnesota back in 1984, when she was hired to work on securing IBM’s midrange platform. Over a 16-year career, she eventually rose to the position of AS/400 Security Team Leader and Chief Engineering Manager for Security when she retired in 2000.

Known simply by the community as the AS/400 security architect, Woodbury began a new career outside of Big Blue that included consulting contracts and co-founding two companies with her longtime business partner John Vanderwall, including SkyView Partners in 2002 and DXR Security in 2020. SkyView Partners was acquired in 2015 by HelpSystems (now known as Fortra), where she continued to work until co-founding DXR Security.

At DXR, Woodbury focused predominantly on penetration testing client’s IBM i servers. She and Vanderwall amassed a customer base over the past four years of pen-test clients, but the pair eventually decided to join forces with a larger IBM i security company, and Kisco Systems was the best fit.

According to Woodbury, the decision to pair up with Justin Loeber and Kisco was driven by several motivations, including a desire to make a final mark on IBM i security and product development after 40 years in the field.

Carol Woodbury is joining DXR Security as a senior advisor.

“You know, at some point in the future, I will retire,” Woodbury told IT Jungle. “I don’t know exactly when that’s going to be. And I wanted to leave my legacy in good hands. I wanted to pass knowledge on to somebody who would value that knowledge and use that knowledge, and Justin and Kisco fit that bill perfectly.”

Kisco is one of the last independent developers of security software on the IBM i server. The Danbury, Connecticut-based company develops and sells a range of IBM i security tools, including: an exit point monitoring and management product called SafeNet/i; a multi-factor authentication product called i2Pass; a self-service password reset utility called iResetMe; an auditing tool called iFileAudit; and a security configuration reporting tool called iSecMap.

Loeber, who bought Kisco three years ago from his father Rich Loeber when he retired, welcomes the security wisdom that Woodbury will bring, as well as her IBM i penetration testing service.

“Kisco does a security assessment, but it’s report driven, not data-driven. The pen test is the proof,” Loeber said. “An analogy I like to use is it’s like the building code and the building inspector. We have certain standards that we can try to work towards, like CIS benchmarks or the information in the books that Carol has written, via template. There are reports that show you how you’re doing against that template. But the ultimate proof is a penetration test.”

Woodbury said she’s looking forward to working with Loeber and the Kisco software developers.

“We’ll be partnering with Kisco and training up individuals at Kisco to able to kind of spread the wealth of knowledge,” she said. “It’s a benefit not to just to Justin and John Vanderwall, but the DXR customers and the Kisco customers are going to benefit from a broader scope, bringing this software and services together. That’s a much better marriage than having separate offerings.”

The world of cybersecurity is moving very fast right now, and it’s difficult to keep up. Security professionals like Loeber and Woodbury have done a lot to raise awareness of the security threats. The good news is that IBM i shops are beginning to realize that they aren’t immune, but there is still more work to be done.

“I think people are starting to realize that they need to take action,” Woodbury said. “I also think that showing that it’s a data problem is helping. People need to understand that the data on the system is something that is incredibly valuable.”

As a senior adviser and subject matter expert, Woodbury will be working with the Kisco products developers. It’s still too early to say whether there will be new IBM i security products that come out of this union, but it’s probably something that you shouldn’t bet against.

“It’s the unlocking the potential that’s in our software, is combining it with all of Carol’s expertise,” Loeber said. “Now we can funnel that straight through to the customer.”

Having an active software development house, as Kisco does, is clearly important to Woodbury, as it portends a certain level of attentiveness to the current security situation. And that situation is as dire as it has ever been, with malicious state actors like China and Russia and artificial intelligence combining to up the security ante to levels never seen before.

“One of the reasons we wanted to partner with Kisco is that they’re under active development with their products,” Woodbury said. “And that’s important to me, to have a company to partner with to make sure that they’re not just stagnant, but they will continue to improve.”

This Issue Sponsored By

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search