In September 2010, HP acquired Fortify Software for what Forbes reported was about $265 million and was later folded into HP’s Software Division. Founded in 2003, Fortify makes products and services designed to protect companies from security threats in business software applications, and raised $40 million in 2003 from Kleiner Perkins and Sigma Partners.
Today, we’ve learned that HP Fortify and HP’s enterprise security have sustained some notable personnel losses, which stand to benefit a startup called AlienVault. Founded in 2007, the Silicon Valley-based AlienVault produces unified security management solutions for better threat management, not unlike Fortify. However, AlienVault is the creator of Open Source Security Information Management (or “OSSIM”), which provides a set of tools that allow network and security administrators to access a detailed view of their networks, hosts, devices, servers, etc.
The startup calls OSSIM the “de-facto standard open source security information and event management” system, and the solution has racked up 160,000 downloads and users in over 80 countries, with its customers primarily consisting of defense departments, government organizations, banks and enterprises. In other words, the company develops advanced cyber security products that unifies management of critical security systems and processes across the network, like vulnerability scanning, etc., for customers like the Telefonica, Metro Madrid and the European Aeronautic Defense and Space Company.
And Today, AlienVault has officially become the new employer of seven former Fortify and HP executives, including the appointment of Barmak Meftah as president and chief executive, and Roger Thornton as CTO. Meftah was formerly the CPO at Fortify, and Thornton is the founder and former CTO.
The new chief executive was also formerly the vice president of software security products at HP, where he led SPI Dynamics as well as Fortify after its acquisition by HP. He has also held senior management positions at Synchron, Oracle, and Price-Waterhouse. Thorton, too, is a Silicon Valley veteran, having held management roles at eBay, E*Trade, Apple, and Sun. The two together led the sale to HP in 2010.
Joining Meftah and Thornton on AlienVault’s leadership team are Jim Yares, Richard Kirk, John Richardson, Jack Marshall and Gail Boddy, all former VPs and executives at HP Fortify, with the exception of Boddy, who was vice president of human resources at HP ArcSight (ArcSight was acquired by HP in September 2010 for $1.5 billion.)
Obviously, AlienVault wasn’t going to acquire Fortify from HP, but they’ve seemingly done the next best thing. Meftah told TechCrunch that the allure was AlienVault’s technology, which he echoed is one of the more widely-deployed security information and event management solutions (SIEM) on the market.
The new chief executive said that HP Enterprise Security business is doing very well — “so it wasn’t about that” — instead he said that the market for SIEM is growing fast and that AlienVault’s solutions make it uniquely positioned to take advantage. With the level of escalated cyber attacks and hacking last year, more so than ever before organizations realize security is an issue that needs to be addressed from the top down, and SIEM, he says, is one of the fastest growing segments within the security market.
Meftah wouldn’t say whether the team is raising a big series B, but clearly there’s something good brewing over at AlienVault. For more, check them out at home here.
AlienVault enables enterprises of all sizes to quickly deploy and operate cost effective unified security management solutions for better threat management and easier PCI/SOX compliance. AlienVault solutions come tightly integrated with dozens of sophisticated open source security tools - Snort, OSSEC, OpenVAS, ntop, Nagios, and more – all in the box. OSSIM by AlienVault ™, the de-facto standard Open Source SIEM (Security Information and Event Management) OSSIM has over 160,000 downloads and users in 80 countries and AlienVault customers...
Fortify’s Software Security Assurance products and services protect companies from the threats posed by security flaws in business-critical software applications. Combining deep application security expertise with extensive software development experience, Fortify Software has defined the market with award-winning products that assure software security from development to production. Today, Fortify Software fortifies the software for the most demanding customer deployments, including the world’s largest, most varied code bases.