A few weeks back McAfee announced their intent to acquire Solidcore for approximately $33M USD (with another $14M in performance bonuses.) I wanted to get a post out on this sooner, but we have been busy with the recent rebranding effort for Exultium. Better late than never :-)

I spent a number of years competing against Solidcore and McAfee while I was a Product Manager at Cisco. It was pretty surprising to see this acquisition at first, but now it has settled in and I can understand why McAfee made this move.

First, let me expand upon my history with Solidcore. I competed against them most heavily in the embedded systems market. This was especially apparent in single function systems running on multi-function OSes (like ATM machines on Windows XP.) I believe there are 2 core reasons for this:

• Complete focus - they were a startup focused on the embedded vendors and all their marketing materials backed this up. Kudos to Solidcore for staying focused.
• Technology fit - change control technology works well in a single-function environment. If you're shipping out 10,000 kiosks per year and they all work the same way then one profile is very manageable and provides stability for your customers.

At the time of the acquisition they were putting up some pretty impressive numbers. 200K endpoints under protection with a large majority (I assume) running a server OS. This is probably the big reason why McAfee came in to swoop them up. A high growth endpoint security player with a market largely uncontested by the competition (by the I mean Symantec.) Sure, the competitors can protect single function devices, but they don't have the focus that Solidcore brings to the table. Plus McAfee was able to pick them up at a bargain price (appears that total funding for Solidcore was around $40M USD as reported in 2007.)

The future is unclear; as is always the case with acquisitions. It seems that McAfee is taking the right initial step by putting the Solidcore team under McAfee's Risk and Compliance business unit. Hopefully this means the team can remained focused on the technology and not on integrating with ePO (which has killed other endpoint acquisitions in the past.)