Sourcefire Fires Up for IPO

Open-source security specialist Sourcefire is set to go public tomorrow and is expected to raise over $75 million.

A source with knowledge of the deal says that Sourcefire will IPO on Friday priced at $13 per share. According to a recent SEC filing, Sourcefire will trade under the symbol "FIRE", offering 5,770,000 shares priced at between $12 and $14.

At least one Wall Street analyst thinks the vendor is likely to top these figures in trading tomorrow. "I would not be surprised if it were higher than $13 per share," says John Fitzgibbon of IPO Scoop. "I have heard that it is over-subscribed."

Sourcefire is the latest in a string of technology firms to go public in recent months, although most of these have been in the storage space. (See Opnext IPO Has Lots of Bandwidth, Mellanox Exceeds IPO Hopes, VMware to Spin Out, and The Slings & Arrows of IPOs.)

Security sector IPOs are much less common, but Sourcefire has been eyeing a public offering since the fourth quarter of last year. (See Sourcefire Shapes Up for IPO.) Last year there was speculation that the vendor's legal battle with NetClarity could stall its IPO plans, although a flurry of S-1 filings this week proves that the public offering is well on track. (See A Public Snort and Sourcefire Lawsuit: An IPO Distraction?)

Sourcefire's flagship technology is its Snort Intrusion Detection system, which was at the heart of both the NetClarity dispute and a headline-grabbing acquisition attempt by Israeli vendor Check Point in 2005. (See Check Point Snaps Up Sourcefire and Check Point Buys Sourcefire.) Check Point eventually backed out of the deal amidst concerns in the U.S. about Snort's importance to the American defense and intelligence communities. (See Check Point, Sourcefire Team and US Checks Check Point.)

At least one analyst told Dark Reading that this experience may have led the firm to its IPO. "It just dragged on so long, maybe it left such a bad taste in their mouth," says Andrew Braunberg, senior analyst at Current Analysis. "There's no doubt that they could have found someone else to buy them."

Sourcefire clearly has close ties with the U.S. Government. Former U.S. Air Force Inspector General Steven Polk joined the Sourcefire board last September, and the firm's S-1 says the 30 largest U.S. government agencies are using Snort to monitor network traffic.

IDS and IPS systems, such as Snort, have been dismissed by some security experts as obsolete in today's constantly evolving threat landscape, although Sourcefire has gained plenty of customer traction during recent months. (See IDS/IPS: Too Many Holes?) The vendor, which claims deployments at more than a quarter of the Fortune 100, increased its annual revenues from $32.9 million in 2005 to $44.9 million in 2006.

Other security vendors will also be watching the progress of the Sourcefire IPO closely to see whether a public offering is now a valid exit strategy for similarly sized firms. Recent years have seen a slew of security M&A activity, as vendors like Cisco snap up specialist players, but S-1s have been relatively few and far between. (See Cisco: Net Net on Security, Cisco's Web Security Play, Cisco Buys IronPort , and Cisco Buys WLAN Security Smarts.)

With big-name vendors looking to build more and more security features into their technology, it is hardly surprising that startups have opted against IPOs, says Braunberg: "Being acquired has been a much better exit strategy for these companies, given the way that the market is consolidating."

The last couple of weeks have roiled Wall Street, as fears of an economic slowdown in China caused stocks to plummet across the world. (See Chinese Shockwaves.) That said, the Dow's recent confused state is unlikely to cause problems for Sourcefire, according to IPO Scoop analyst Fitzgibbon. Recent events were "a speed bump on the superhighway, that's all," he says. "There were days when the Dow Jones lost over 600 points in a single day."

Morgan Stanley is the lead underwriter for the Sourcefire IPO with Lehman Brothers, UBS Investment Bank, and Jeffries & Company also participating.

— James Rogers, Senior Editor Byte and Switch