Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Sourcefire Fires Up for IPO

Open-source specialist will finally end the drought of security IPOs

Open-source security specialist Sourcefire is set to go public tomorrow and is expected to raise over $75 million.

A source with knowledge of the deal says that Sourcefire will IPO on Friday priced at $13 per share. According to a recent SEC filing, Sourcefire will trade under the symbol "FIRE", offering 5,770,000 shares priced at between $12 and $14.

At least one Wall Street analyst thinks the vendor is likely to top these figures in trading tomorrow. "I would not be surprised if it were higher than $13 per share," says John Fitzgibbon of IPO Scoop. "I have heard that it is over-subscribed."

Sourcefire is the latest in a string of technology firms to go public in recent months, although most of these have been in the storage space. (See Opnext IPO Has Lots of Bandwidth, Mellanox Exceeds IPO Hopes, VMware to Spin Out, and The Slings & Arrows of IPOs.)

Security sector IPOs are much less common, but Sourcefire has been eyeing a public offering since the fourth quarter of last year. (See Sourcefire Shapes Up for IPO.) Last year there was speculation that the vendor's legal battle with NetClarity could stall its IPO plans, although a flurry of S-1 filings this week proves that the public offering is well on track. (See A Public Snort and Sourcefire Lawsuit: An IPO Distraction?)

Sourcefire's flagship technology is its Snort Intrusion Detection system, which was at the heart of both the NetClarity dispute and a headline-grabbing acquisition attempt by Israeli vendor Check Point in 2005. (See Check Point Snaps Up Sourcefire and Check Point Buys Sourcefire.) Check Point eventually backed out of the deal amidst concerns in the U.S. about Snort's importance to the American defense and intelligence communities. (See Check Point, Sourcefire Team and US Checks Check Point.)

At least one analyst told Dark Reading that this experience may have led the firm to its IPO. "It just dragged on so long, maybe it left such a bad taste in their mouth," says Andrew Braunberg, senior analyst at Current Analysis. "There's no doubt that they could have found someone else to buy them."

Sourcefire clearly has close ties with the U.S. Government. Former U.S. Air Force Inspector General Steven Polk joined the Sourcefire board last September, and the firm's S-1 says the 30 largest U.S. government agencies are using Snort to monitor network traffic.

IDS and IPS systems, such as Snort, have been dismissed by some security experts as obsolete in today's constantly evolving threat landscape, although Sourcefire has gained plenty of customer traction during recent months. (See IDS/IPS: Too Many Holes?) The vendor, which claims deployments at more than a quarter of the Fortune 100, increased its annual revenues from $32.9 million in 2005 to $44.9 million in 2006.

Other security vendors will also be watching the progress of the Sourcefire IPO closely to see whether a public offering is now a valid exit strategy for similarly sized firms. Recent years have seen a slew of security M&A activity, as vendors like Cisco snap up specialist players, but S-1s have been relatively few and far between. (See Cisco: Net Net on Security, Cisco's Web Security Play, Cisco Buys IronPort , and Cisco Buys WLAN Security Smarts.)

With big-name vendors looking to build more and more security features into their technology, it is hardly surprising that startups have opted against IPOs, says Braunberg: "Being acquired has been a much better exit strategy for these companies, given the way that the market is consolidating."

The last couple of weeks have roiled Wall Street, as fears of an economic slowdown in China caused stocks to plummet across the world. (See Chinese Shockwaves.) That said, the Dow's recent confused state is unlikely to cause problems for Sourcefire, according to IPO Scoop analyst Fitzgibbon. Recent events were "a speed bump on the superhighway, that's all," he says. "There were days when the Dow Jones lost over 600 points in a single day."

Morgan Stanley is the lead underwriter for the Sourcefire IPO with Lehman Brothers, UBS Investment Bank, and Jeffries & Company also participating.

— James Rogers, Senior Editor Byte and Switch

  • Check Point Software Technologies Ltd. (Nasdaq: CHKP)
  • Current Analysis
  • Cisco Systems Inc. (Nasdaq: CSCO)
  • CommVault Systems Inc.
  • Isilon Systems Inc. (Nasdaq: ISLN)
  • Jefferies & Company Inc.
  • Lehman Brothers
  • Riverbed Technology Inc. (Nasdaq: RVBD)
  • Securities and Exchange Commission (SEC)
  • Sourcefire Inc. (Nasdaq: FIRE)
  • UBS Investment Bank

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 9/25/2020
    Hacking Yourself: Marie Moe and Pacemaker Security
    Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
    Startup Aims to Map and Track All the IT and Security Things
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-25137
    PUBLISHED: 2020-09-25
    An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the alert_name or alert_message parameter to the /a...
    CVE-2020-25138
    PUBLISHED: 2020-09-25
    An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /alert_check/action=delete_alert_checker/alert_test...
    CVE-2020-25139
    PUBLISHED: 2020-09-25
    An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for delete_syslog_ru...
    CVE-2020-25140
    PUBLISHED: 2020-09-25
    An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur in pages/contacts.inc.php.
    CVE-2020-4531
    PUBLISHED: 2020-09-25
    IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the sy...