May 12, 2011

Tripwire To Be Acquired By Thoma Bravo, Will Add Cloud Security Service

Security and compliance firm Tripwire has signed a definitive agreement to be acquired by private equity firm Thoma Bravo, a move that executives say will enable the company to expand its portfolio and geographic reach.

The transaction, which is expected to close in May, will give the company a stronger financial boost to increase its portfolio of products -- particularly in the cloud space -- and expand its geographic market presence throughout Europe and the U.S. Financial details of the acquisition were not disclosed.

A niche, Portland, Ore.-based security firm with a specialty in enterprise compliance, Tripwire has more than 5,700 customers in 94 countries, 46 percent of which are Fortune 500 companies.

As a part of Thoma Bravo, Tripwire will continue to operate independently as a standalone security company, while CEO Jim Johnson will continue to head the company.

Executives hail the acquisition as a boon for Tripwire, which has a strong presence in the enterprise and vertical markets with strong compliance requirements, but has remained largely under the radar in terms of branding.

As it currently stands, Tripwire has strong presence in specific verticals that are required to adhere to a wide array of stringent regulatory compliance mandates -- such as government, financial and retail verticals. Executives say that the capital backing provided by Thoma Bravo will give the security and compliance company a combination of "channel enablement, air cover and awareness" that will put them on the radar of CIO's and other C-level executives.

"It keeps us as an independent entity and also gives us access to capital," Rekha Shenoy, Tripwire vice president of marketing, said in an interview with CRN Friday. "From a marketing perspective, we'll be able to solve bigger problems for the customer. Being known for compliance, we can move higher up the stack and be a strategic partner for CISO for data protection needs."

Private equity firm Thoma Bravo has historically focused on software and service sectors, last year acquiring perimeter security vendor SonicWall and antivirus firm LanDesk .

Shenoy added that Tripwire's offerings would not be integrated with other technologies following the acquisition, and that Thoma Bravo would continue to support the company's channel efforts, adding that the firm would provide financial backing to expand the channel internationally.

So far the company has its sights set on EMEA, in particular France and the Middle East, Shenoy said. "We're just going to move full steam ahead with our channel presence," she said.

Security solution providers space say that Thoma Bravo's decision to acquire Tripwire -- with the hopes that it would provide a significant return on investment -- indicates that there's a growing need for niche compliance vendors as regulations become increasingly stringent.

"I think you're seeing the growth of the market, given everything that's going on. It seems like every week security breaches are just getting bigger and bigger around this stuff. I don't think you're going to see a slowdown right now," said Jonathan Dambrot, CEO of Prevalent Networks, based in Warren, N.J. "We're seeing regulations come very fast. Any time you have speed that requires companies to change very quickly, there's going to be opportunity."

Tripwire Offers Cloud Security With Datapipe Partnership
Meanwhile, some of the anticipated opportunity for company will be in the cloud, its executives said. Tripwire aims to expand into new territory by partnering with managed services and IT and cloud infrastructure provider Datapipe, which will give the company the ability to offer PCI DSS compliance across both the public and private cloud.

The service, called Secured By Tripwire, is a SaaS-based security solution for cloud and managed service providers, offering Tripwire's suite of managed compliance and security services with a monthly usage subscription.

Executives say that the Datapipe partnership will give Tripwire the ability to offer a comprehensive PCI package, complete with continuous file integrity monitoring, compliance and security in the cloud.

The cloud approach to security also opens up wide swaths of opportunity for the channel to harden cloud infrastructure and give customers peace of mind as they transition their infrastructure, Shenoy said.

Specifically, the cloud offering will give Tripwire partners the ability to provide customized managed services tailored to their customers' specific needs, a flexible licensing and pricing model and increased efficiency and control with services that can scale, standardize and automate information delivery.

Subsequently, Shenoy said that Tripwire would be actively recruiting more cloud and managed service providers over the next year who would be able to deliver the Secured by Tripwire service to customers.

"We're already aggressively pushing in this direction," she said.