Risk
2/28/2008
08:50 PM
George V. Hulme
George V. Hulme
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Sourcefire's Earnings Not So Hot. CEO Jackson Ousted.

Network security provider Sourcefire announced its earnings yesterday. The less-than-spectacular results show a company fighting numerous headwinds. So can it set its sail straight?

Network security provider Sourcefire announced its earnings yesterday. The less-than-spectacular results show a company fighting numerous headwinds. So can it set its sail straight?As a refresher for those who may not be familiar with Sourcefire, the company was founded in 2001 by Martin Roesch, the creator of the open source intrusion detection system known as SNORT. Sourcefire provides, among other network security capabilities, a management platform for SNORT. Sourcefire has a wealth of customers in health care and financial services, and is well entrenched in the U.S. armed services.

It's still not enough to help the company. In this latest quarter, Sourcefire reported revenue of $19.3 million and earnings per share at 10 cents. The Street estimated 20 million in revenue and 14 cents a share. Shares were down 10% in after-hours trading, and closed today at $6.34.

Shortly after its initial public offering in March of last year, Sourcefire's stock hit $18.00 a share -- and it's been an agonizing slugfest downward ever since. The big surprise during Thursday's call, at least to me, was the fact that six-year chairman and CEO Wayne Jackson is stepping down:

I am sure you've all seen the other press releases that we sent out this afternoon, announcing my decision to step down as Chairman and CEO of Sourcefire after a very productive six years with the company. When I joined Sourcefire, we were a small venture backed startup. Today, we are a strong public company that is well poised for future growth.

The board has commenced the search process for my successor. And given the strength of the company, I am confident that we will be able to attract a world class executive, who will help Sourcefire continue to build the operational and execution capabilities we need to manage our continued growth and increase shareholder value.

It's tough to guess about conversations that occur behind closed doors, but it looks like Jackson was tossed over the fence.

My prediction is whoever the replaces Jackson will have a number of challenges to overcome, and why I wouldn't expect Sourcefire to spark an upward bull run.

First, enterprise IT budgets heading south. IT security is more of a "discretionary" spend than many of us would like to believe. And, perhaps most important, enterprises are more interested in devices that handle a multitude of security threats -- from intrusion detection/prevention, firewall, anti-malware, content filtering, and short-order cooking ...

But there may be a life preserver tossed Sourcefire's way this year.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0103
Published: 2014-07-29
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.

CVE-2014-0475
Published: 2014-07-29
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

CVE-2014-2226
Published: 2014-07-29
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtains sensitive information via unspecified vectors.

CVE-2014-3541
Published: 2014-07-29
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.

CVE-2014-3542
Published: 2014-07-29
mod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) is...

Best of the Web
Dark Reading Radio