Symantec Buys Javelin Networks and AppthoritySeparately, Thoma Bravo Moves to Acquire Veracode Software From Broadcom
Symantec on Monday announced not one but two acquisitions of privately held cybersecurity firms: Javelin Networks and Appthority. Meanwhile, a private equity firm announced that it will acquire application security testing firm Veracode from Broadcom for $950 million in cash.
In other recent tech sector M&A activity in recent weeks, IBM announced it wil buy Red Hat for $34 billion to bolster its competitiveness in the cloud marketplace.
Active Directory Defense
To offer better endpoint protection, Symantec, based in Mountain View, California, says it's acquired privately held Javelin Networks. The company was founded in 2014 in Tel Aviv. It has employees based in Israel and the U.S. Terms of the deal were not disclosed.
As of Monday, Javelin is part of Symantec's endpoint security business, which plans to capitalize on Javelin's Active Directory security tools designed to identify misconfigurations as well as hack attacks.
Using Javelin "can help expose exploitable backdoors in AD and stop attacks at the point of breach while preventing lateral movement," says Javed Hasan, senior vice president of endpoint and data center products at Symantec.
Mobile App Security
Symantec on Monday also announced that it has acquired privately held mobile application security vendor Appthority, with which it had worked as part of its Symantec Ventures early-stage cybersecurity startup funding investment initiative.
Appthority, based in San Francisco, also is now part of Symantec's endpoint protection business. Terms of the deal were not disclosed.
Symantec says it will build Appthority's technology into Symantec Endpoint Protection Mobile, which includes technology Symantec obtained via its acquisition of mobile threat defense firm Skycure last year.
"Mobile apps are a critical threat vector that every company must address to protect their enterprise security," says Adi Sharabani, senior vice president in charge of modern OS security at Symantec. "The Appthority technology extends SEP Mobile's capabilities in limiting unwanted app behaviors, supporting regulatory compliance, and assessing vulnerabilities."
Via its Integrated Cyber Defense platform, Symantec now "offers solutions that can protect modern and traditional endpoints - Windows, MacOS, Linux, iOS, and Android - at the device, application, network, identity and cloud layers," Sharabani says.
Symantec Reports Earnings
Symantec on Thursday reported fiscal 2019 second quarter revenue of $1.18 billion, which beat expectations by 2.6 percent, but was down 5.2 percent from the same quarter last year due to challenges in both its enterprise and consumer business units.
"In enterprise security, we are concerned about the momentum loss in the first half. And in our consumer digital safety business, our direct customer counts in each Q1 and Q2 were slightly down both sequentially and year-over-year," Gregory S. Clark, CEO of Symantec, said on a Thursday earnings call.
Clark joined Symantec in August 2016 via its acquisition of Blue Coat Systems, where he was CEO.
"On the positive side, we have a healthy pipeline in our enterprise security business, which is supported by the seasonality in the back half of this year," he said. "And in our consumer digital safety business, we are seeing ARPU [average revenue per user] increases driven in part by successful cross-sell, as well as retention rate increases for our direct customer base."
Clark said Symantec is looking to get more revenue from its enterprise security division.
"We expect enterprise security segment organic revenue will grow in the high single to low double-digits year-over-year," he said.
Symantec's Investigation Concludes
It's been a challenging year for Symantec, which in May said it was launching an investigation into how past financial results were reported, based on allegations aired by a former employee. That sent the value of its stock tumbling by a third, and it has yet to recapture most of that lost value.
But on Sept. 24, Symantec reported that the audit committee commissioned by its board of directors concluded that no historical earnings needed to be reinstated, except for "a specific transaction with a customer entered into in the fourth quarter of fiscal year 2018 (ended March 30, 2018)."
Private Equity Firm Snaps Up Veracode
Meanwhile, private equity firm Thoma Bravo says it expects its planned acquisition of Veracode, based in Burlington, Massachusetts, to close before the end of the year, subject to regulatory approval.
The company's acquisition of Veracode would make it one of 30 enterprise security companies that the San Francisco-based private equity firm has at one time acquired, including SailPoint, Barracuda Networks, LogRhythm, Bomgar, Blue Coat, SonicWall and Entrust.
Sam King, currently senior vice president and general manager of Veracode - a division of Broadcom - will become the CEO of Veracode following the close of the transaction.
"As long-term investors in cybersecurity software, we are impressed with the speed and quality of innovation at Veracode," says Seth Boro, a managing partner at Thoma Bravo.