December 01, 2010

"I'll Follow the Sun"

Now that HP has completed its acquisition of ArcSight, it's going to be interesting to see how the new distribution of power in the security business evolves. Intel, with a combination of its semiconductor business and its venture capital investments (many say it's the largest corporate investor) may draw McAfee into the innards of the processor world which could be really disruptive. ArcSight a company which had a comprehensive long term vision of the systems side of security now has the financial capacity to quickly acquire adjacent technologies as a way of quickly filling out its vision encouraged by HP which wants to grow its software business. We can't wait to see what will happen.

Posted at 03:56 PM in ArcSight, HP, Intel, McAfee | | Comments (0) | TrackBack (0)

"Everybody's Trying To Be My Baby"

Governance as a value propositionWe recently caught up with an old friend Joe Fantuzzi, who has taken the helm at Agiliance, an interesting startup focusing on Risk Management. Each year, compliance is playing a bigger role as vendors try to move "up the stack" from security (which organizations would rather not spend money on since security doesn't contribute to the bottom line) to compliance and risk management (which can deliver important business value). Plus the move toward governance ultimately can improve the quality of IT operations. From a long term vision view Agiliance has some similarities with Arc Sight, in no small part due to the technical founder, Pravin Kothari, having previously cofounded ArcSight. It's going to be interesting to watch companies in this emerging category as they evolve their value propositions.

Posted at 03:54 PM in ArcSight, compliance, Joe Fantuzzi, Pravin Kothari, risk management | | Comments (0) | TrackBack (0)

September 16, 2010

Holy Cow

HP's announcement this week that it's acquiring ArcSight for $1.5B is a huge event in the infrastructure space for a number of reasons not the least of which is ArcSight's strategy. Five years ago there were 10 to 15 Security Event Management companies mostly funded by venture capital. Back then it was hard to tell the differences between these companies as they kept leapfrogging each other with new features and capabilities. Eventually ArcSight became the market leader when it re-engineered its user interface with a very graphic visualization of the network topology and the events being monitored. The company kept its leadership by continuing to enhance its value proposition by adding adjacent functionality like event correlation and compliance onto the ArcSight platform and by continuing with its direct sales model. For reasons which we may never understand, the competitors had trouble keeping up as ArcSight continued to gain market share. Cisco, IBM, Novell and EMC all made acquisitions in this space and in one way or another dropped the ball without gaining significant market share. But HP's acquisition of ArcSight is a big event for another reason - the consolidation of security. Last month it was Intel's acquisition of McAfee. This month it's HP and ArcSight. What's next? Who is next?

9-16-10

Posted at 11:30 AM in ArcSight, Cisco, EMC, IBM, Novell, Security Event Management | | Comments (0) | TrackBack (0)

Nice Guy

A few months ago we wrote about a meeting we had with Tom Reilly, CEO of ArcSight — initially taking the company public which eventually led the way to this week's acquisition by HP. Tom told us a story which we've retold many times about the time he met with a company's CEO a few days after that company was in the news due to a data breach which had gone on for more than a year revealing the confidential information of thousands of customers. The CEO challenged him and asked "how would you have prevented this from happening?" His reply was "geez, there probably isn't a product around that would have prevented your data breach but if you were using our product the breach would have been identified within a few hours and not go on for more than a year." There's lots of wisdom in that response - Tom's got a great perspective — it will be interesting to see what happens post acquisition.

Posted at 11:24 AM in ArcSight, Tom Reilly | | Comments (0) | TrackBack (0)

March 15, 2010

RSA 2010

For years we've listened as Art Coviello, RSA's CEO, kicked off the RSA conference keynotes with his view of the industry. Whether you like him or not, it's his show so he gets to set the stage for what follows. Three years ago Art C. predicted the demise of the independents in the security business — consolidation and collapse of the many independent firms was on the horizon as the major players swept up features and functions till all we had left would be a "Snow White and the Seven Dwarfs" type of market (and you could guess who would be Snow White). While sounding dramatic at the time it was largely wrong in large part due to the fact that security is not a static problem but changes on both the user side and the attacker side. You don't have to look far for proof that the independents have done well in the past few years — ArcSight and SourceFire might be the most visible proof of this. In this year's keynote, he talked about the importance of the cloud and the need for security in order to make Cloud Computing adoption happen. And the topic of securing the Cloud was pretty much the most popular topic of the vendor keynotes. The Cloud is viewed as a security opportunity that no one wants to miss. But what does that mean? Right now Cloud security is pretty much a PowerPoint battle, with vendors crossing out the word "Server" in their old presos and putting in the words "Cloud Computing." Three years ago the business consolidation prediction for security turned out to be wrong. It may well end up that the Cloud security promoters don't yet understand how things will evolve.

Posted at 04:06 PM in ArcSight, RSA, Sourcefire | | Comments (0) | TrackBack (0)

Just Warming Up

 Last week we met with Tom Reilly, president and CEO of ArcSight. Tom became CEO about 18 months ago when the stock price was just under $7.00 and underwater from the company's initial public offering. Over the next six weeks the stock price continued to plummet to $4.74. Since then and despite the recession Reilly has presided over a mercurial rise with the stock price surpassing $25 and the most recent quarter revenues growing to $46.1M from the prior year's $36.4M (27% increase). Although quarter to quarter sales dipped midyear 2009, quarterly revenue has grown from $32M to $46M in the past six quarters. What's more, the company has a market cap of $900M and $107M in cash putting the company as a potential buyer of adjacent products that can be sold to its customer base. As the market leader in the Security Event Management space Reilly doesn't want to be defined or limited by "security" events and instead prefers to define a broader category he calls ETRM — Enterprise Threats and Risk Monitoring. The nearest competitor seems to be EMC/RSA combining its recent acquisition of Archer (Jan 2010) with its earlier (9/06) acquisition of Network Intelligence to provide similar ETRM capability. Even though the SEM category is seeing more pressure as new log management entrants like Splunk join the fray Reilly doesn't see an expanding field as a problem as he keeps ArcSight focused on the value end of the business. With a successful 18 months behind him, a high market capitalization and a hundred million in the bank it will be interesting to watch Reilly's strategic moves as he builds out ArcSight's ETRM category. (We'll leave out the part that everyone likes Tom, one of the easiest guys to get along with in the valley and write that story for a subsequent issue.)

Posted at 04:05 PM in ArcSight, ETRM, Security | | Comments (0) | TrackBack (0)

November 30, 2009

It's All Good

Our corner of the world — "infrastructure" — has been beaten up over the past couple of years by financial types wondering how new companies in this space can ever make significant returns for venture investors. In the past few years acquisition has been the preferred exit strategy, often at a distressed price. "Home runs" have been few and far between. But 2009 looks like the beginning of a new chapter in that book. Four public infrastructure companies that we watch — ArcSight, Acme Packet, Riverbed and Sourcefire — went public between late 2006 and early 2008. For the most part they hovered around their offering price, in some cases spending many months below it. But that's changed. Despite the recession, 2009 has been a wonderful year for this group as the table below shows — with ArcSight leading the pack at 5x its share price at the beginning of the year. It's probably too soon to pontificate about these.

 Infrastructure Recent IPO's Growth in 2009

Chart3

Posted at 04:55 PM in Acme Packet, ArcSight, Infrastructure, IPO's, Riverbed Technology, Sourcefire | | Comments (0) | TrackBack (0)

March 17, 2008

Infrastructure Stocks Struggle

After watching so many acquisitions in the infrastructure sector occur over the past five years, it's been our hope that the IPO market for infrastructure companies would pick up so that we could get back to the good old days and have multiple exit alternatives for successful infrastructure startups. And with the infrastructure IPOs that have occurred in the past year, it looked like that was finally happening. VMware's IPO last summer seemed to be a clear indicator -- after coming out in the fifty-ish range it doubled to the $115 range by November. But VMware has seen its price tumble to the mid $50 range. And other infrastructure IPOs looked good early on too -- Sourcefire and Acme Packet each looked like IPO poster boys for success. But the market has been brutal this past fall and winter -- both companies are now trading at their lowest levels since their IPOs and have lost over half of their market value. And Riverbed Technology has been trading in the $18 range, near its IPO price, after breaking $50 last fall. Despite all of these indicators, in what you could call a daring move, ArcSight went public in mid February, priced at $9 per share, a level that it hasn't closed at since its IPO (that's got to be an ugly story when you get into the details, talk about poor timing...). Of course, when you try to read the tealeaves on how the public market treats infrastructure, you have to consider how Cisco is faring since it sets the stage for so much of the business -- CSCO is trading around $24, down about 30% since its recent high this past fall.

Posted at 04:22 PM in Acme Packet, ArcSight, Cisco, Riverbed Technology, Sourcefire, VMware | | Comments (0) | TrackBack (0)

About

Our Book

Recent Posts

IRG-Intl

Categories

Newsletter Archives

Email Updates

Infrastructure2.1 Feeds

  • Subcribe to John's Feed
  • Subscribe to Peter's feed

Fellow Travelers

Search