Outlook Series | McAfee to Pay Up to $47M for Solidcore Systems

McAfee to Pay Up to $47M for Solidcore Systems

May 18, 2009

McAfee is buying privately owned Solidcore Systems for approximately $33 million in cash up front and with an earn-out of up to an additional $14 million if certain performance targets are met. Solidcore is a leading provider of dynamic whitelisting technology that controls and protects the applications installed on a computer, resulting in improved IT compliance, security and availability.

Solidcore uses dynamic whitelisting to protect against vulnerable or malicious applications and ensure that only pre-authorized software and code can run on servers, endpoints, fixed function devices and mobile devices. Following the completion of this proposed acquisition, McAfee expects to couple Solidcore’s dynamic whitelisting and compliance enforcement technology with McAfee compliance mapping and policy auditing to deliver the industry’s first end-to-end compliance solution. Customers will benefit from centralized management and reporting of the integrated technologies through the McAfee ePolicy Orchestrator console.

The proposed transaction will bring together best-in-class technologies:

Solidcore’s strong foot-hold in the embedded device market will help McAfee significantly expand its reach to include security for automated teller machines (ATMs), point of sale (POS) systems, multifunction printers (MFPs), Supervisory Control and Data Acquisition (SCADA) systems, mobile and other embedded devices
Solidcore's dynamic application whitelisting, combined with McAfee blacklisting/graylisting capabilities, will give customers a single security platform for dynamic application control across the enterprise
With the acquisition of Solidcore, McAfee will strengthen its position as the leader in the compliance market by adding real-time enforcement that eliminates “compliance drift.” McAfee will offer customers continuous management of the compliance lifecycle (auditing, reporting, remediating and enforcing), resulting in reduced costs and faster time to compliance.
Solidcore's continuous File Integrity Monitoring (FIM) for Payment Card Industry (PCI) compliance will provide McAfee with a scalable model for enforcing compliance across small and large businesses
Solidcore's Control solution, integrated with change and configuration management suites, such as HP Business Service Automation software, will enable McAfee to provide an integrated change and configuration management solution that helps customers operationalize and streamline their security programs
McAfee will strengthen its virtualization security offering with Solidcore’s capabilities for locking down virtual environments, which includes VMware Hypervisor and Microsoft Hyper-V virtual environments. This, combined with automatic compliance checking, will provide customers with a secure virtualization infrastructure.

“Solidcore’s industry-leading compliance and protection solutions will extend the current McAfee security portfolio beyond signature-based anti-malware with the addition of dynamic whitelisting and application trust technology,” said Dave DeWalt, president and chief executive officer, McAfee. “Combined with leading McAfee antivirus, antispyware, host intrusion prevention, policy auditing and firewall technologies, we will help customers more easily mitigate the risks associated with vulnerable or malicious applications downloaded by employees. Through this acquisition, we believe McAfee can expand its reach into new markets, secure new platforms and strengthen its hold as the leader in the $6 billion endpoint security market.”

Solidcore currently protects more than 200,000 endpoints from malware and unauthorized changes with its patented whitelisting software, which includes systems such as ATMs, POS systems, process control devices, mobile devices, servers and workstations. Its customer base is geographically diverse, with customers in more than 40 countries, at more than 100 financial institutions and across more than 15,000 retail stores.

“Today’s complex threat landscape and evolving compliance standards require customers to go beyond a reactive, ‘check-the-box’ model for security and deploy preventive security that incorporates dynamic whitelisting,” said Anne Bonaparte, president and chief executive officer, Solidcore. “The integration of Solidcore with McAfee will provide customers with the highest level of system integrity and security across their physical and virtual environments, and allow customers to more quickly and easily meet the today’s demanding compliance requirements.”

Following the closing, the Solidcore team will be incorporated into the McAfee Risk and Compliance business unit, headed by George Kurtz, senior vice president and general manager, McAfee.

The acquisition is expected to close in the second quarter of 2009. McAfee expects the impact of the acquisition of Solidcore on second quarter 2009 results to be slightly dilutive to non-GAAP earnings per share and more dilutive to GAAP earnings per share. Jefferies & Company, Inc. acted as exclusive financial advisor to Solidcore in connection with the transaction.