Having swallowed Brightmail earlier in the summer, Symantec has announced that it is to acquire the highly-regarded IT security consultancy @Stake for an undisclosed sum.

The move comes a month after arch rival McAfee’s announced it was to buy a similar outfit, Foundstone, for $86 million in cash. The purchase of @Stake is expected to be completed by October, Symantec said.

The company markets specialised security management software and a suite of vulnerability and assessment services under the SmartRisk banner. Symantec will also have been attracted by its client list which is claimed to include many of the world’s largest financial institutions.

On the face of it, this is just another in a growing list of security buy-outs as ambitious vendors look to diversify. However, @Stake occupies an interesting place in the security industry’s uneasy and loose fraternity, having been founded by a group of self-declared “grey-hat” hackers who sought to turn a profit from their expertise by playing by the rules whilst remaining independent of vendors.

That independence is obviously now history.

A year ago, the company created a stir after contributing to a CCIA-sponsored report that claimed that Microsoft’s “monoculture” dominance of the software industry was having a negative effect on security. One of the report’s authors, @Stake CTO Dan Geer, subsequently lost his job over the affair as @Stake backed down from the report’s controversial conclusions.