Ivanti
{{Short description|American IT software company}}
{{Infobox company
| logo = Ivanti Logo RGB red.svg
| logo_alt = Ivanti logo (wordmark) in red
| name = Ivanti
| type = Private
| area_served = Worldwide
| foundation = 1985
| location = South Jordan, Utah, U.S.
| key_people = Jeff Abbott, Board Member
Dennis Kozak, CEO
Peter De Bock, CFO
Karl Triebes, CPO
| industry = IT security and systems management software
| revenue = {{increase}} {{US$|1 billion|link=yes}} (2023)
| num_employees = 3070 (2023)
| homepage = {{Official URL}}
}}
Ivanti ({{IPAc-en|ˌ|i:|ˈ|v|ɒ|n|t|i:}}) is an IT software company headquartered in South Jordan, Utah, United States. It produces software for IT Security, IT Service Management, IT Asset Management, Unified Endpoint Management, Identity Management and supply chain management. It was formed in January 2017 with the merger of LANDESK and HEAT Software, and later acquired Cherwell Software. The company became more widely known after several major security incidents related to the VPN hardware it sells.
History
=LANDESK=
LAN Systems was founded in 1985 and its software products acquired by Intel in 1991 to form its LANDESK division. LANDESK introduced the desktop management category in 1993. In 2002 LANDESK Software became a standalone company with headquarters near Salt Lake City, Utah. In 2006, Avocent purchased the company for $416 million. Also in 2006, LANDESK added process management technologies to its product line and extended into the consolidated service desk market with LANDESK Service Desk. In 2010 LANDESK was acquired by private equity firm Thoma Bravo.
LANDESK bought supply chain software company Wavelink in 2012, network vulnerability assessment and patch management company Shavlik in 2013, application software company Naurtech Corporation in 2014, data visualisation company Xtraction Solutions in 2015.{{cite web|title=LANDESK acquires Xtraction Solutions to bring business intelligence to IT|url=https://siliconslopes.com/landesk-acquires-xtraction-solutions-to-bring-business-intelligence-to-it-ffb44a29d644|website=siliconslopes.com|access-date=29 January 2018}} and AppSense, a provider of secure user environment management technology, in 2016.
=Lumension Security=
Lumension Security, Inc was founded as High Tech Software in 1991 and headquartered in Scottsdale, Arizona[http://www.lumension.com/Company/About-Us.aspx About Us]. Lumension.com. Retrieved 04-04-2013. The company was rebranded as PatchLink Corporation in 1999. In 2006, Patrick Clawson was appointed chairman, CEO and president[http://www.lumension.com/Press---Events/Press-Releases/PatchLink-Adds-Security-Industry-Vereran-Patrick-C.aspx PatchLink Adds Security Industry Veteran Patrick Clawson to Drive Next Wave of Growth]. Lumension.com. 2006-08-14. Retrieved 2013-04-11. The company then adopted the Lumension name in 2007.{{cite web |url=http://www.networkworld.com/news/2007/091107-patchlink-born-again-as-lumension.html |title=PatchLink born again as Lumension Security |publisher=Networkworld.com |date=2007-09-11 |access-date=2013-04-02 |archive-url=https://web.archive.org/web/20080821190301/http://www.networkworld.com/news/2007/091107-patchlink-born-again-as-lumension.html |archive-date=2008-08-21 |url-status=dead }}
In 2009 Lumension acquired Securityworks,{{cite news|url=http://www.bizjournals.com/phoenix/stories/2009/04/20/daily2.html |title=Lumension buys Securityworks in deal to expand compliance software |newspaper=Phoenix Business Journal |date=2009-04-20 |access-date=2013-04-04}} and in 2012 acquired CoreTrace.{{cite web|url=http://www.bizjournals.com/phoenix/news/2012/11/05/lumension-buys-coretrace-to-bolster.html |title=Lumension buys CoreTrace to bolster security offerings |publisher=Bizjournals.com |date=2012-11-05 |access-date=2013-04-04}}
Lumension products traditionally competed in the endpoint management and security industry against Sophos, McAfee, Kaspersky Lab, Symantec and Trend Micro among others.
=HEAT=
HEAT software was a producer of software for IT Service Management and Endpoint Management formed in 2015 by the merger of FrontRange Solutions and Lumension Security.
=Ivanti=
In January 2017 Clearlake Capital, owner of HEAT Software, purchased LANDESK from Thoma Bravo.{{Cite web|url=https://www.ivanti.com/company/press-releases/2017/clearlake-capital-to-acquire-landesk-and-combine-w|title=Clearlake Capital to Acquire LANDESK and Combine with Portfolio Company HEAT Software|website=www.ivanti.com|access-date=2018-01-02}} On January 23, 2017, LANDESK and HEAT Software merged to form Ivanti.{{Cite news|url=http://www.brianmadden.com/opinion/Introducing-Ivanti-LANDESKs-new-name-for-all-of-its-products-including-AppSense|title=Introducing Ivanti, LANDESK's new name for all of its products (including AppSense)|work=BrianMadden.com|access-date=2018-01-02|language=en-US}}{{Cite web|url=https://www.ivanti.com/company/press-releases/2017/landesk-and-heat-are-now-ivanti|title=LANDESK and HEAT Software Merge to Form Ivanti|website=www.ivanti.com|language=en-US|access-date=2018-01-02}} The combined company has 1,800 employees in 23 countries{{Cite news|url=http://www.channelbuzz.ca/2017/01/new-ivanti-brand-landesk-heat-union-focus-unified-secure-workplace-message-20018/|title=New Ivanti brand for LANDESK-HEAT union to focus on unified secure workplace message - ChannelBuzz.ca|date=2017-01-23|work=ChannelBuzz.ca|access-date=2018-01-02|language=en-US}}{{cite web|title=LANDesk and Heat Software Merge into Ivanti|url=https://redmondmag.com/blogs/the-schwartz-report/2017/01/landesk-and-heat-software-merge-into-ivanti.aspx|website=redmondmag.com|access-date=29 January 2018}} and markets some products with references to their original names such as Wavelink supply chain software{{Cite web|url=http://www.dcvelocity.com/articles/20170127-wavelink-comes-under-ivanti-name-after-merger/|title=Wavelink comes under Ivanti name after merger – DC Velocity|website=www.dcvelocity.com|access-date=2018-01-02}} and Ivanti patch product ‘powered by Shavlik’.
On April 12, 2017, Ivanti acquired Concorde Solutions, a UK based Software Asset Management company.{{cite web |title=Ivanti, formerly Landesk and Heat Software, buys software asset management vendor Concorde Solutions|url=https://www.crn.com.au/news/ivanti-formerly-landesk-and-heat-software-buys-software-asset-management-vendor-concorde-solutions-458571|website=crn.com.au|publisher=CRN|access-date=29 January 2018}} In July 2017, Ivanti acquired RES Software, a US and Netherlands based company producing automation and identity management software.{{Cite news|url=http://www.brianmadden.com/opinion/Ivanti-scoops-up-RES-Software-Heres-our-full-analysis|title=Ivanti scoops up RES Software: Here's our full analysis|work=BrianMadden.com|access-date=2018-01-02|language=en-US}} Later merged in 2018 into the Workspace Manager product.{{cite web |url= https://www.ivanti.com/blog/res-workspace-and-ivanti-user-workspace-manager-merger-update |title= RES Workspace and Ivanti User Workspace Manager – Merger Update |date= Aug 14, 2018 |first= Jon |last= Rolls |publisher= Ivanti }}
In September 2020, Ivanti entered into an agreement to acquire US based Unified Endpoint Management company MobileIron for $872 million{{Cite web|title=MobileIron to be Acquired by Ivanti to Secure Every Endpoint and Power the Everywhere Enterprise|url=https://www.mobileiron.com/en/company/press-room/press-releases/mobileiron-to-be-acquired-by-ivanti|access-date=2020-09-28|website=Mobileiron.com|language=en}} and San Jose, California based Pulse Secure, for undisclosed terms.{{cite web | url=https://omnisperience.com/index.php/2020/09/29/ivanti-announces-double-acquisition/ | title=Ivanti Announces Double Acquisition | work=Omnisperience| date=29 September 2020 }}
On December 1, 2020, Ivanti announced those acquisitions completed.{{Cite web|url=https://www.ivanti.com/company/press-releases/2020/ivanti-acquires-mobileiron-and-pulse-secure|title=Ivanti acquires MobileIron and PulseSecure|website=www.ivanti.com|access-date=2021-03-09}}
On January 26, 2021, Ivanti announced the intent to acquire Cherwell Software.{{Cite web|url=https://www.ivanti.com/company/press-releases/2021/ivanti-to-acquire-cherwell|title=Ivanti to Acquire Cherwell to Enable End‑to‑End Service and Asset Management|website=www.ivanti.com|access-date=2021-01-26}}
On August 2, 2021, Ivanti acquired RiskSense, a pioneer in risk-based vulnerability management and prioritization, to drive the next evolution of patch management.{{Cite web|url=https://www.ivanti.com/company/press-releases/2021/ivanti-acquires-risksense-to-revolutionize-the-patch-management-market-and-help-customers-proactively-combat-cyber-threats-and-ransomware-attacks|title=Ivanti Acquires RiskSense to Revolutionize the Patch Management Market and Help Customers Proactively Combat Cyber Threats and Ransomware Attacks|website=www.ivanti.com|access-date=2021-08-02}}
Controversies
= 2021 Pulse Connect Secure hack =
{{Further|Ivanti Pulse Connect Secure data breach}}
On April 20, 2021, cybersecurity firm FireEye reported that hackers with suspected Chinese government ties exploited Pulse Secure VPN to break into government agencies, defense companies and financial institutions in Europe and the US. The report detailed how hackers repeatedly took advantage of several known and one novel flaw in Pulse Secure VPN to gain access to dozens of organizations in the defense industrial sector.{{Cite web|title=Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day|url=https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html|access-date=2021-04-30|website=FireEye|language=en}}{{Cite web|author=Brian Fung and Geneva Sands|title=Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and companies in US and Europe|url=https://www.cnn.com/2021/04/20/politics/fireeye-pulse-secure-vpn-exploit/index.html|access-date=2021-04-30|website=CNN|date=20 April 2021 }} The US Department of Homeland Security confirmed the intrusions in a public advisory, urging network administrators to scan for signs of compromise. Ivanti published an emergency workaround which DHS urged network admins to install.{{Cite web|title=Exploitation of Pulse Connect Secure Vulnerabilities {{!}} CISA|url=https://us-cert.cisa.gov/ncas/alerts/aa21-110a|access-date=2021-04-30|website=us-cert.cisa.gov}} The Cybersecurity and Infrastructure Security Agency ordered federal civilian agencies to take several steps to reduce risk from the suspected breach.{{Cite web|title=cyber.dhs.gov - Emergency Directive 21-03|url=https://cyber.dhs.gov/ed/21-03/|access-date=2021-04-30|website=cyber.dhs.gov|date=16 July 2020 |language=en-US}} FireEye reported that some of the intrusions using the vulnerabilities began as early as August 2020, conducted by those with suspected ties to the Chinese government. There were similarities between the hack and intrusions in 2014 and 2015 conducted by a Chinese espionage actor named APT5. After further examination, CISA discovered that at least 5 federal agencies had been breached, among 24 agencies that use the Pulse Connect Secure products.{{Cite web|author=Geneva Sands and Brian Fung|title=Five federal agencies potentially breached in Pulse Connect Secure hack|url=https://www.cnn.com/2021/04/29/politics/pulse-connect-secure-vpn-hack-federal-agencies-potential-breach/index.html|access-date=2021-04-30|website=CNN|date=29 April 2021 }}
Other incidents
In January 2024, Chinese government hackers were reported to have targeted Ivanti software to break into other organizations.{{Cite web |last=Lyngaas |first=Sean |date=2024-01-10 |title=Suspected Chinese hackers target US research organization in latest spying spree |url=https://www.cnn.com/2024/01/10/politics/chinese-hackers-research-organization/index.html |access-date=2024-01-12 |website=CNN |language=en}}
References
{{Reflist}}