Sourcefire Lawsuit: An IPO Distraction?

NetClarity claims that the Snort developer infringed on its intellectual property

Dark Reading logo in a gray background | Dark Reading

Sourcefire's recent decision to go public set the security industry afire with some much-needed excitement after an IPO drought. But a lawsuit filed by NetClarity against Sourcefire, disclosed in an SEC S-1 filing may have a chilling affect on other small security firms considering IPOs. (See A Public Snort.)

A successful Sourcefire IPO could reinvigorate firms that develop and go commercial with open source software, says Nick Selby, a senior analyst with The 451 Group, which has been studying and following the lawsuit against Sourcefire, developer of the popular open source Snort intrusion detection system. But the lawsuit -- in which NetClarity alleges Sourcefire inappropriately used its trade secrets -- could also be a major distraction to the IPO, he told Dark Reading in an interview.

The 451 Group has been following the case closely since the IPO filing. "We don't have any opinion about the case," Selby says. "Many in the industry are watching this IPO for more than just Sourcefire's success. It's important because many entrepreneurs and security companies are seeing how Sourcefire fares to determine if an IPO is a viable exit for security companies with revenues under $100 million. And seeing a company built on open source succeed and go public is a key validation for open source. And third, larger companies are watching to see if this is a new climate for security IPO's."

"As it says in its S-1 filing, regardless of the merits of the case, it is potentially a major distraction to Sourcefire as it gears up for a very anticipated IPO," Selby says.

A Sourcefire spokesperson says: "We deny each and every count contained in the plaintiff's complaint and we intend to continue to defend against this lawsuit vigorously."

NetClarity CTO Gary Miliefsky said in an email exchange that his company had no comment on the case.

Selby notes that NetClarity/PredatorWatch is also asking in its case whether Check Point had discovered anything relevant to the lawsuit during the due diligence process it underwent earlier this year when it was going to acquire Sourcefire. (In the end, the two companies called off the deal.) Check Point did not respond to requests for an interview for this article.

Other analysts, meanwhile, contend that NetClarity's lawsuit won't have an impact on Sourcefire's IPO. "It seems to me like NetClarity is clutching at straws here and trying to shake some coins out of Sourcefire," says Mike Rothman, president and principal analyst with Security Incite. "[They are] trying the case in the media instead of in the courts. It would be very difficult, if not impossible, to prove in court that this patent issue had any bearing on the [Check Point] deal falling apart."

"I don't think this has any impact on anything -- certainly not customers, and it will be years before this would be resolved to impact investors if Sourcefire gets their deal done," Rothman says.

One source close to the case says it's still just a nuisance suit, and basically the attention around it is a result of Sourcefire's IPO being the first one in a long time for the security industry.

"What happened here is everyone went over Sourcefire's S-1 with a fine-toothed comb because they're the first security IPO in ages. And everyone noticed the lawsuit," the source says. "But any company large enough to consider an IPO has probably dealt with many nuisance lawsuits."

In the lawsuit, NetClarity, formerly known as PredatorWatch, alleges that Sourcefire and its CTO Martin Roesch, and some general partners of Inflection Point Ventures "misappropriated the plaintiff's trade secrets;" "breached an oral agreement of confidentiality" and a "covenant of good faith and fair dealing owed to the plaintiff," and that Sourcefire "unjustly enriched" and "misrepresented certain material facts to the plaintiff," and "engaged in unfair and deceptive acts."

At the heart of the dispute, Selby explains in a recent blog, is theft of intellectual property and "unjust enrichment." "The suit claims that after PredatorWatch approached Inflection Point Ventures in June 2004 for an investment and possible partnership with Sourcefire, Inflection Point Partners called in Roesch to review PW's technology. Inflection Point Partners admits PW gave it a slide deck marked 'Corporate confidential and trade secret' and 'Copyright,' and that PW CTO Gary Miliefsky presented it to IPV," Selby writes in his blog.

"It admits Miliefsky told Inflection Point Partners that PW had patent applications pending. PW claims the presentation contained confidential and proprietary trade secret information about architectural features and operational mechanics of its product. The suit claims that a year later, Sourcefire upgraded its [Real-Time Network Awareness] RNA/3D system to provide this functionality," he says in his blog.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights