Posted by: maxsteel
Security Vendor News
OK, allow me some journalistic license here when I say that if you squint a little bit sitting across from Marty Roesch that he could pass for Ray Romano. If you’re not buying that, then you have to at least buy the notion that Everybody Loves Marty.
Marty, for the uninitiated, wrote Snort in his basement back in the day. He open-sourced his homegrown IDS and more than three million downloads later, it’s become a behemoth and largely thought of as the standard for IDSes. Marty also built Sourcefire–with a bit of help–into a thriving pure-play security company that continues to develop Snort commercially and open source.
Talk to security professionals about almost any vendor, and their face will contort into a painful combination of wrinkles and furrowed brows. The derision in their voice is as uncomfortable. But turn that conversation toward Snort/Sourcefire and it becomes clear that Sourcefire is one of the few exceptions.
For example, when Check Point came a calling last year, checkbook in hand, people were protective of Sourcefire and Snort, wanting assurances that Snort would remain open source and development would continue. Yet at the same time, people felt badly for Roesch and company when the government intervened in the acquisition and it went south.
Sourcefire got its payoff recently when it went public in March and raised more than $70 million. But since then, it missed its first quarter targets, blaming a few deals that didn’t close or were shorter than expected. Not a great start and it probably raised a few eyebrows. But those are the pains of doing business quarter-to-quarter.
In February, I had a sit-down with Marty Roesch at RSA, right in the middle of Sourcefire’s quiet period, so he couldn’t be candid about the IPO, but he was forthcoming about plenty more:
On the fall of the Check Point deal: “There were people [at Sourcefire] who wanted the deal to finish up, get the money and get out. And there were other people who like the company the way it was, and if they were going to make some money, that was nice, but building the thing we’ve built is hard to do, and it’s almost a shame to sell it because you lose the culture and all the other things.”
On going public: “We’re so big now, there’s a small number of companies that could buy us, we might never get bought. Let’s do what we planned to do originally, run this company independently for the foreseeable future. As a credit to our management and operations teams, everyone has executed. It’s crazy, but it’s like the Terminator, you can’t stop it, it has a life of its own. It’s cool.”
On Gartner’s “IDS is Dead” claim: “It hurt initially, because it really slowed down our sales cycles. … It forced us to do something radical like build RNA, or get killed like most startups. I don’t like to lose, so we built RNA. The ‘IDS is dead’ thing was an annoyance, but one of those things that forges the company, gets everyone on the same page and crystallizes our drive to succeed. I still run into it from time to time.”
And finally, on balancing being a commercial company with Sourcefire’s open source interests: “One of the things executives get when they come on board is that we’re not gonna close-source this, you better get used to the idea of developing technology, making it really good and giving it away for free. If you can’t get used to that, don’t take the job. I like to remind people at Sourcefire that any time we mess with the community, they all have my email address and I’m the guy they get on.”