The deal VMware unveiled this week to buy cybersecurity firm Carbon Black triggered a heaping share of skepticism.
“I’m having a hard time with the Carbon Black acquisition,” said Jeffries analyst John Stephen DiFucci on a conference call with VMware executives. “I get that Carbon Black is part of that next-gen player. … But I don’t think it’s considered the cream of the crop out there, and that’s kind of what you’ve done in the past when you do things like this.”
Analysts digesting the deal at William Blair said it looked “curious at first glance” but isn’t a “big surprise” from a long-term perspective for VMware (NYSE: [[ticker:VMW]]), which sells virtualization software and other cloud tools and services. The company saw an opportunity to acquire a leading technology at a reasonable price, a trio of William Blair analysts wrote in a note Thursday, shortly after the deal to acquire Waltham, MA-based Carbon Black for $2.1 billion was announced. The deal will make Carbon Black, an endpoint protection cybersecurity company founded in 2002 by former US intelligence hackers, more relevant to chief security officers, who are dealing with a fragmented cybersecurity market, the analysts said.
“What remains to be seen is whether VMware backed the right horse in this race,” they warned.
There’s no shortage of endpoint protection companies out there that could offer something similar to Carbon Black, if not whatever magic VMware sees in the enterprise. Crowdstrike, Cylance, Symantec, McAfee, Sophos, Palo Alto Networks, and FireEye all offer endpoint protection.
The Carbon Black acquisition came alongside another deal to buy Palo Alto-based enterprise software company Pivotal (NYSE: [[ticker:PVTL]]), which VMware also announced Thursday. The company pegged the enterprise value of Pivotal at $2.7 billion.
VMware’s all-cash deal for Carbon Black (NASDAQ: [[ticker:CBLK]]) values the company at $26 per share, while the cybersecurity company’s shares traded at $24.50 prior to news of the deal. The transaction has an enterprise value of $2.1 billion, VMware said Thursday.
Carbon Black CEO Patrick Morley told Xconomy Friday he’ll head up a new cybersecurity division at VMware, a partner of the cybersecurity company for the past three years. He said the decision to join VMware rather than continue to go it alone was driven by the scale that the larger company would afford it. Carbon Black has 6,500 customers to VMware’s half a million, Morley says.
“When I take a step back, the opportunity is to take our vision of a world safe from cyberattacks and our mission of transforming security through data and analytics,” Morley said. “This allows us to take that globally faster, and in the end that’s what we are trying to do.”
While the rationale sounds like a straightforward move for a larger deployment of its cybersecurity tools, executives at both the buyer and the acquired see in the scale a serious benefit for Carbon Black’s underlying security technology.
Right now, Carbon Black’s system works by watching the activity on all the systems and devices its clients are running, capturing an immense amount of data from them, then churning that information through an analytics engine to eke out attack trends to better protect its clients. If data from Carbon Black’s customer base of 6,500 can provide good basis for protecting users from attacks, the thinking goes, what can data from 500,000 do?
“We’re going to have more access, more data that allows us to combine with the security cloud that Carbon Black is already operating,” VMware CEO Pat Gelsinger told analysts Friday. “Collectively, we believe we’ll have more telemetry, more visibility, more data across that spectrum than any other vendor in the industry.”
He added: “We’re out to change security for the industry. It is broken. We’re out to fix it in the fundamental way.”
Enthusiasm for the strategy has yet to infect the stock market; shares of VMware stock sank almost 10 percent Friday.