San Francisco-based Splunk has released version 2.0 of its Splunk App for Enterprise Security to reinforce its commitment to the security capabilities of the company’s flagship software for collecting, indexing and harnessing machine data. Tied closely to its Splunk App for Enterprise Security 2.0 release, the company released Splunk Enterprise 4.3 with a focus on ease of use, manageability and a new non-flash user interface aimed at enabling the use of mobile devices for viewing and managing the product. Finally, Splunk has been granted US Patent No. US 8,112,425 B2 – a timely award given Splunk’s pending IPO. This is Splunk’s second patent. In 2011, Splunk was issued a patent for organizing and understanding machine data through use of a ‘machine data web.’ The technology covered by these patents helps power Splunk Enterprise 4.3.
After adding several new products and services to its growing security and compliance portfolio, Qualys let the cats out of the product roadmap bag at the annual RSA Security Conference in San Francisco. The vulnerability management company announced enhancements to its QualysGuard Cloud Platform, including the new QualysGuard Customizable Questionnaire service, WAF, Enterprise Edition of the QualysGuard Malware Detection Service, virtualized scanners, Dynamic Asset Tagging technology, and the Zero-Day Risk Analyzer that includes VeriSign’s iDefense zero-day vulnerabilities and global threats.
We suspect that the Customizable Questionnaire service and Dynamic Asset Tagging enhancement provide a glimpse into what a Qualys-backed IT GRC platform might look like should the company decide to move into that space – something we suspect will eventually happen as the company moves forward. The company’s investment in malware-related products shows that Qualys plans to diversify its portfolio and provide proactive products to address threats. It also doesn’t hurt that Qualys’ diversification strategy is allowing for tuck-in product and services sales to help bolster its bottom line by preventing additional dollars from going elsewhere.
TIBCO Software has announced that it has signed a definitive agreement to acquire log and security management vendor LogLogic. The company says that adding the San Jose-based log player will expand TIBCO’s operational intelligence offerings while enabling customers to monitor real-time events, assess risks and address emerging threats and opportunities. TIBCO claims that LogLogic will build on its capabilities in event processing and in-memory analytics to provide additional compliance, security and operational visibility.
TIBCO’s reach for LogLogic marks the third significant SIEM acquisition by a publicly traded buyer in the past half-year. However, it is the first recent purchase by a company that didn’t have an existing security offering. (The earlier pickups of Q1 Labs and NitroSecurity, which printed on a single day in early October, were made by IBM and McAfee, respectively.)
According to our understanding, LogLogic’s trailing sales would put it between the two SIEM startups that were acquired last fall. We estimate that 10-year-old LogLogic, which counted some 1,000 customers, generated just under $40m in revenue last year. LogLogic’s growth rate may also not have been as healthy as NitroSecurity or Q1 Labs’. We suspect that may also be reflected in the multiple that LogLogic got in its sale. While Q1 Labs fetched almost 9 times trailing sales and NitroSecurity got more than 5x trailing sales, we would put the multiple for LogLogic below that. Loosely, we would pencil out the purchase price, which wasn’t disclosed by TIBCO, at somewhere in the neighborhood of $125m.