Symantec has bought security compliance software company BindView for $209 million.

Both companies provide software to help businesses comply with regulatory requirements such as Sarbanes-Oxley in the US or Basel II in Europe.

Symantec's security systems use software agents to ensure compliance with security policies, while BindView's approach is agentless, Symantec said. The two approaches are complementary, it said. The agent-based approach is more suited to complex, mixed IT environments, while the agent-less model requires fewer staff to manage and is suited to companies with large numbers of similar systems spread across many sites.

Symantec VP Ajei Gopal had this to say: "Today's global organisations are challenged by an ever changing security environment and by the need to meet multiple government regulations... Not only will we be able to meet customers' IT security and policy compliance needs with a complete range of product capabilities, but we will also be able to help reduce the cost and complexity associated with compliance."

BindView CEO Eric Pulaski was positive: "We are thrilled to combine our agent-less technology with Symantec's complementary industry leading products to create a powerful solution set that will offer customers comprehensive capabilities for meeting the critical demands of their IT infrastructures."

Last month, Symantec bought WholeSecurity, a company that develops software for detecting new viruses based on their behaviour, rather than their code. In August, it bid for another security compliance software developer, Sygate Technologies.