Elastic and Endgame - some musings

Investment Analysis Clubs Saul’s Investing Discussions
1

Before I begin I want to point out a post by Dartht about Endgame here which is worth a review. https://discussion.fool.com/the-estc-endgame-acquisition-3422461… . He points out some of the synergies with Elastic Beats and Elastic’s move into the SIEM space. Go read it before reading the rest of my post.

Security Overview
You may be wondering why we need yet another company moving into security. “Security” is a huge huge huge market. Gauchochris told me a nice analogy for the security world. ZS is like a border patrol agent, OKTA more similar to a passport issuer. Extending that analogy out then I would say EDR would be your FBI/(some surveillance and enforcement), SIEM (system wide data collection and monitoring) would be the NSA. You can see there are many different approaches to “Security”. All of which are important. Currently there is no one Security company that addresses the whole market. Mcafee, Symantec try but you can tell by the Crowdstrike, Zscaler, and OKTA’s of the world that the incumbents are losing.

The Acquisition
I’ve been delving the depths of the security webzines, awards, reddit, etc. Here is my take. Endgame was hot stuff into early 2018. They were growing at 70+% a year, reportedly had a 450million valuation and were the security sphere darlings with multiple awards and then something happened. I think that something was probably Crowdstrike. Then there were some rumors that Endgame was trying to sell itself for 300 million dollars. You don’t try and sell your company for 300 million dollars after you have a series D (might have been farther along than that) valuing you at 450 million dollars 8 months before. Fast forward to a few weeks ago and we find out that Elastic buys them for 234 million dollars…almost half of what they were trying to sell themselves for initially. Obviously Endgame had run into trouble.

Supposedly Endgame revenue was
https://www.bizjournals.com/washington/news/2019/06/06/this-…

2016: 3.6 million
2017? (must have been around 12 million)
2018: 21.8
2019: goal of 39 million

However in the call Shay says the company TTM billing is about 20 million.
Hard to know how all that matches up because we have no idea how endgame does their subscriptions but that would probably indicate a pretty massive slow down in growth hence them trying to sell themselves.

Looks like ESTC got Endgame for a P/S of 8-12…pretty darn cheap. So now the questions is…was it worth it?

Endpoint Market
This is one seriously fractured market. If you go back and look at the Gartner Magic Quadrant for the last couple of years you will notice many companies are gone or new. Many of gone out of business, been acquired. This is a crowded field with lots of people having solutions out there. The only clear market winner in my mind is Crowdstrike however multiple companies are buying their way in. ESTC acquired Endgame, Sophos just acquired Rook Security
https://solutionsreview.com/endpoint-security/sophos-acquire… .

I think the 2019 magic quadrant for endpoint protection will be totally changed. This market is moving very quickly and by Crowdstrike’s numbers it looks like they are pulling ahead however I’m not sure this is a done deal since much consolidation is happening and the threat environment is changing rapidly. For example, ransomware is now a big thing, cloud protection is a relatively new thing, you have the intel attacks, spectre, meltdown, etc.

https://www.smart.rs/en/news-and-blogs/gartner-magic-quadran….
Here is a link to the most recent Gartner Magic Quadrant for Endpoint protection which was done in april 2018. Cloudstrike is clearly ahead as well as sophos and symantec. Endgame gets points for completeness of vision but doesn’t do well on ability to execute.

Elastic and Endgame

Elastic has made an interesting move by attempting to offer both SIEM (Security and Information Event Management ) and EDR. I briefly touched on SIEM in the beginning. SIEM basically takes in tons of information, from your firewall, from your endpoint detection, file system etc etc and looks for patterns and anomalies.
Here is a nice article on the differences between SIEM and EDR and how they complement each other. https://www.logpoint.com/en/blog/the-difference-between-siem…

Elastic is perfect for SIEM since it is able to parse and show information in near real time from vast data sets. By offering SIEM and EDR in one product Elastic will have a leg up on most competitors. They seem to have purchased a very high quality company in Endgame, Elastic’s technology is definitely good enough. It will be interesting to see if they can provide something that is attractive enough to pull people to their security offering.

I only saw one company in the 2018 EDP and SIEM magic quadrants, Fortinet . They didn’t do well in either SIEM or EDP. At the moment most EDR companies look like they offer the ability to send information into SIEM systems.
Having dual SIEM and EDP capabilities makes a lot of sense to me as it seems like one can inform the other…good synergy. I think the question is can Elastic break into the security market…this isn’t something they will be able to just sort of focus on. They have a bunch of really tough competitors in each individual market, EDP and SIEM, but I do think Elastic has the chance to do something special with an integrated offering. The more I read about this the more I realize that the endgame acquisition is a relatively huge opening for ESTC. This is a long term project. Not an easy acquisition like mlabs was for mongodb. I also think this highlights just how powerful and general elastic’s core technology is. Just think, elastic search core technology is powering APM, Logging, Metrics, Security, Uptime events, Maps, Search and business analytics. I don’t think their move into security is a sure thing, but I do think they have managed to buy a good company with good technology and people at a good price. This is a market that has room for many companies to play in.

My main concern with Elastic is if they will be able to show operational leverage before the market gets fed up with their expenses. They have plenty of money right now, 300 million dollars, a very very attractive valuation EV/S of 20, great revenue growth near 70%. Their expenses are growing just as fast if not faster but we need a few more quarters to tell if that is a bad thing or setting them up for great growth in the future. I’ve been buying.

I do have a few questions though.

Dreamer. Do you mind weighing in on if you think having Elastic’s salesforce sell Endgame will be as seamless as Shay said in the CC.
Does anyone know how well Elastic holds up in the SIEM market? Gartner apparently doesn’t like open source and I couldn’t find a ton of info so I wonder if this is a newer push for them.

Happy investing!
Ethan

59 Likes
2

Hey ethan,
Great post! I had also replied to Darth’s endgame thread you linked to, and my thoughts are still pretty much the same on their sales motion (or lack of) around endpoint and what it may look like going forward.

Here is what I wrote:
I noticed this similar blog yesterday, from Endgame side of house: https://www.endgame.com/blog/executive-blog/joining-forces

What I find most interesting is the sales motion here.
There are a ton of endpoint security companies, from legacy hardware like Cisco, PANW, Forcepoint, Trend Micro, and upcoming IPO Crowdstrike, etc etc…

So my first thought was similar to when Nutanix started broadening their product base so rapidly, and I worried their sales teams would lose some of that laser focus on HCI that was core to their growth.

But in Elastic’s case, they focus on the “bottom up” approach and their Users drive/create use cases. I have pointed out that they tend to say “use case” a ton of times in their CC, about 30 times in each of the past two ER CC’s.

From that Endgame blog:
“Endgame would gain an ability to get our endpoint technology into the hands of dev ops, security practitioners, and IT users throughout the world, and Elastic would gain access to endpoint telemetry in the market in order to enhance a security use-case their users were already embracing.”

So this is approaching endpoint security, imo, from a much different angle than I traditionally see in IT (infrastructure) sales. Often IT (hardware side) is in charge of creating/procuring the infrastructure
(on-prem or in cloud) needed to run the apps/workloads demanded by the business and developers and DB admins, etc… So if the dev ops folks are already looking at and familiar with Elastic solutions and then take it a step further with the Endgame software, it basically cuts out a step in the sales cycle, and when Cisco or whoever looks to push Endpoint Security with the IT contacts in charge of either Security or Personal Systems (or sometimes the Network team) they will be told there is no need.

The “other wireless devices” category could be interesting too…and is basically IoT in my mind. If you have thousands of sensors deployed in factories or field or wherever, and you want immediate/actionable data regarding alerts or security issues, etc… and you want to also secure that environment at the same time, then Elastic could provide the whole package.

Couple other comments.
“IT” is very broad. When I say IT, I am thinking infrastructure, whether it is hardware or software. My “IT” view doesn’t care if that infrastructure exists via a public cloud or on-prem.

Some others can view DevOps as IT, but I just think of them as “the developer side of the house”. Developers tend not to care about the infrastructure…they are working on the software solutions that the infrastructure was needed to support.

Nutanix, Pure, Arista, Cisco, HPE, Veeam, VMware, NetApp, DellEMC…all infrastructure. Azure, AWS, and Google Cloud (GCP) all provide it via the Cloud. I don’t like investing in infrastructure…I just think it all eventually gets commoditized. Cloud is a bit different, at least in terms of investment, but I can’t invest in AWS or Azure without investing in mammoth companies that have other major business units at Amazon and Microsoft.

Zscaler is infrastructure, but gets a pass from me, because it is cloud-based, and non-hardware security rides the fence, imo, of being infrastructure but also the mission-critical app/workload every business needs. You buy an auto, you buy auto insurance…it is a package deal.

The apps or workloads that a business truly depends on, beyond any proprietary service they provide, are things like Salesforce, ServiceNow, Oracle, SAP, MongoDB, O365, or maybe Epic Systems in the healthcare space, etc… OKTA is an example of how security rides that fence, as they provide key business functionality with SSO but are also in the security side of things. This is largely the world of business unit owners, analysts, and developers driving adoption of these apps and workloads thru large enterprises. It isn’t the IT hardware guy in charge of servers/storage/networking that makes these decisions, unless perhaps at a very small SMB shop where he has to wear multiple hats.

I see the Elastic acquisition of Endgame as opportunistic. As you pointed out, a company had peaked, and perhaps found themselves (not necessarily their products) out of their league or simply lost amongst too much competition. Because there was already synergy there, they got an asset for a great price that will bring them in $30-40m/yr for the next few years. Some of the endgame sellers will leave as happens in acquisitions, but Elastic will hopefully keep many of the best ones, and those resources likely become the “security experts” that are brought into accounts as needed to help push/sell/explain/showcase the endgame products.

I have experience with seeing companies with superior technical employees and capabilities being bought by companies that don’t have those capabilities but who are on more sound financial footing. Pairing of the two becomes a win-win. Hitachi storage also comes to mind…always known as great engineered storage solutions, but about a decade ago you would have found HPE and Sun Microsystems reselling the larger Hitachi storage arrays, because Hitachi was a lousy sales company. HPE sold more of these Hitachi solutions than Hitachi did. I would bet Endgame was similar here…great product, and maybe more engineering focused vs sales-focused.

So Elastic takes a completely different approach, and is going to (likely) provide all existing security customers updates and info about the new capabilities they can utilize once Endgame is fully integrated into the Elastic solutions. They will be more reliant on the enduser customers to drive these use cases and I would guess those Endgame legacy employees that stick around will be more akin to professional services or subject-matter experts, brought in as needed by request of the clients.

This is all guesswork, but what I am pretty certain this is NOT, is that Elastic won’t be looking to sell in a traditional IT infrastructure motion. So they won’t be competing directly against the majority of endpoint companies out there today.

That was sort of wordy and random, and my final comment is that I am still more interested in ESTC for Enterprise Search and other solutions, so any success here in endpoint is just icing on the cake.

Dreamer

22 Likes
3

“Do you mind weighing in on if you think having Elastic’s salesforce sell Endgame will be as seamless as Shay said in the CC.
Does anyone know how well Elastic holds up in the SIEM market? Gartner apparently doesn’t like open source and I couldn’t find a ton of info so I wonder if this is a newer push for them.”

This is a newer push for them, they don’t have a huge presence today in the SIEM space (marketshare) the leaders are Splunk, QRadar, LogRhythm and still with market but fading fast companies like Arcsight. Exabeam has been coming up fast. Remains to be seen how rapidly Elastic will be able to progress and gain marketshare. Informal poll of some CISOs I’ve met with over the past few weeks and didn’t get a ton of enthusiasm for looking at Elastic, but small sample size. The biggest complaint I hear is Splunk pricing which is really hammering them, so if there was a driver to look at Elastic it would probably be more around TCO than technology at this point. The good news is Elastic has some advantages that Splunk has, with a more attractive pricing model. Splunk often starts in other parts of the enterprise (operational use cases etc.) and then moves into security. CIOs like having a single platform handling multiple use cases, one contract, so they land and expand. Elastic can do the same thing, and now with Endgame take it further.

Endgame will be a very easy and seamless sales play for the Elastic reps to run, it’s a nice fit and they can package a more complete solution.

8 Likes
4

Maybe something else that I think is a big reason for the EndGame acquisition. From CFO interview at Bank of America Merrill Lynch Global Technology Conference on June 6, 2019.

So, the space is the traditional EPP and EDR space. But if I think about our own roadmap and strategy, I think everyone knows we already have ambitions in the SIEM space and we are working on our SIEM product. We also invest quite heavily in agent-based technology to be able to ship data into Elasticsearch. And actually, it is all about the data at the end of the day. And what Endgame has is the endpoint technology that does obviously the detection, but also the remediation. And they’re actually built on top of Elasticsearch.
https://ir.elastic.co/Cache/398256095.pdf

So not only synergy and a more focused capability at the endpoint. Also the REMEDIATION.

Ingest, search, report, fix, repeat.

That is something the Elastic stack doesn’t have.

Darth

7 Likes
5

Good research Ethan. I just posted in the other thread (https://discussion.fool.com/Message.aspx?mid=34228753) about how this move into SECaaS isn’t surprising, but wanted to answer your questions, in reverse order:

Does anyone know how well Elastic holds up in the SIEM market?

SIEM is a major use case for Elastic Stack. Here is the topic on Elastic’s marketing page on it, where they tell customers they can either enhance their existing SEIM solutions, or they build their own: https://www.elastic.co/solutions/security-analytics

Go back and read my ElasticOn conference writeup from Oct’18: https://discussion.fool.com/insights-from-elastic-conference-340…

Conference had 2 main tracks for Infrastructure Monitoring & Security/SEIM. It was the same with their last event in May that I had to skip. So SEIM was half the talks.

Read the story at the bottom of that conf writeup, where an org took their home-grown SEIM from Splunk to Elastic Stack for major cost savings and massive performance improvement: One interesting use-case presentation worth mentioning was an organization that built their own cyber monitoring & intrusion detection system using open source tools (Nifi to collect logs, Kafka for transport, Elasticsearch for search, Kibana + Timelion + the new Canvas app to visualize on dashboards). They then developed their own machine learning system over it. They converted to this system from using Splunk for all the log ingestion and analysis, as the new in-house Elastic stack gave them a greatly reduced ongoing cost, massive speed improvements (secs vs mins), increase of throughput & space, more granular security, and more optionality (easier to integrate other intelligence tools and add’l data sources).

After this shift to Elastic Stack, they showed costs as going from “$$$$$ to $$”. 60% reduction in costs to use Elastic over Splunk, while query responses went from minutes to seconds!

I didn’t cover it in my writeup, but there were also demos from a few different home-grown SEIM systems built upon Elastic Stack, plus I know of a few others.

So needless to say, Elastic Stack is a fantastic choice of underlying datastore (with visualization interface and log management) for those who want to build their own SEIM.

Do you mind weighing in on if you think having Elastic’s salesforce sell Endgame will be as seamless as Shay said in the CC.

Elastic is buying up SaaS companies and is keeping them intact as subsidiaries, so they can continue to develop and sell their SaaS services through their own sales force. In my Elastic deep dive (https://discussion.fool.com/an-elastic-technical-review-34208190…) I talked about their acquisition of Swiftype. They were a company that built enterprise Search SaaS services on top of Elastic Stack. Elastic acquired them and kept them as a subsidiary, and is using them to further expand the product line. I wrote this about their moves with Swiftype:

Their marketing maintains a great balance - basically saying “we can do this as a SaaS service for you, or build it yourself with Elastic Stack”. … All of these new services have enormous potential as enterprise SaaS apps in their own right. Perhaps not as sticky as Okta, considering it competes with Google on all of them. But it seems like just the tip of the iceberg as far as what Elastic could do here, in terms of enterprise-focused SaaS tools for search & analysis.

Well, I was right about tip of the iceberg - as they are now turning into EDP & SEIM SECaaS services! I am smacking myself in the head now - I really should have foreseen this direction given the huge focus on it within their developer conference.

And later in my summary I said: There may be risks in this direction, but I think this has already been addressed by Elastic – the marketing is taking a great tack in saying you can use the SaaS Service or do it on Elastic Stack yourself. Elastic is also keeping Swiftype an independent division. It’s such a good idea – find companies building on the Elastic Stack, and acquire ones that align with Elastic’s use cases. They can leverage all their knowledge about the core Elastic Stack platform it is built on, but focus these SaaS services toward highly-honed enterprise solutions around search and analytics.

So, I believe it will be exactly the same with Endgame. I don’t envision SaaS sales force intermixing with the Elastic Cloud salesforce. A company either wants it done for them (SaaS service) or wants a platform to build it themselves (Elastic Cloud, or self-hosted support). Marketing will make the difference clear, and sales forces will be focused on one or the other.

-muji
long ESTC

28 Likes
6

Dang it.

In my list of SIEM systems based on Elastic Stack, I accidentally cut out the most popular one, and left only the smaller ones (SIAC and HELK).

As backstory, OSSEC Host-based Intrusion Detection System (HIDS) is an open source project since 2004 (https://www.ossec.net/) for malware and intrusion detection from logs (SIEM before Gartner coined the term). It was sold to Trend Micro in 2008 who has since maintained it. It’s getting a bit long in the tooth.

Eventually OSSEC was forked as Wazah, and was re-built directly on top of Elastic Stack for a more modern, scalable architecture. They also built a company around it to provide enterprise support and it now offers managed cloud hosting of Wazah stack. (A now familiar open-source → enterprise tactic.)

-m

4 Likes
7

M,

Question we all ask about Elastic is not that everything is not built on top of
Elastic stack but of these multitudes of used who is paying Elastic?

Tinker

5 Likes
8

Question we all ask about Elastic is not that everything is not built on top of
Elastic stack but of these multitudes of used who is paying Elastic?

I don’t know that I have that kind of granularity on ZS or AYX or MDB. Although AYX in last investor day showed that top 25 accounts have grown their spend 30x.

I assume you mean the licensing…what is free, what is paid. Agreed it is hard to know.
But not sure I need to know, rather than just follow the numbers.

Company just ended their fiscal year with $271m.
They forecasted approx 49% growth for next 12 months, at about $400m.
Given the sandbagging nature of the beat-and-raise game, let’s call the actual finish about $440-450m.

Almost every company with near-50% growth or above has a minimum P/S of about 20 it seems. With the lockup pressure, ESTC is about 20 P/S now.

So if they don’t get any multiple expansion, and stock appreciation simply mirrors revenue growth the next 12 months, a year from now they should have a TTM P/S of 20 and a market cap closer to $8-9b or a 60% stock price appreciation.

Unlike MDB, ZS, TTD, and now even AYX with the recent run and Tableau buyout, most of these stock names have been discovered by the market it seems. I don’t think ESTC has yet.

I know their SaaS component within their Sub business, while small, is growing faster than the overall sub business, and they stated they expect that will continue. They also mentioned pricing changes that will add headwinds for 1 more Q, which may further explain the “drop” in revenue growth rate we saw. This makes sense, as their next Q forecast was the same % as their full-year forecast. Normally, most companies have much lower % forecasts for the further-out Q’s and full-year.

This tells me that mgmt has high confidence they will have a strong year. They haven’t been around long, but they haven’t also given me a reason not to trust them at this point. So will trust them until/if they prove they aren’t deserving of it.

Dreamer

17 Likes
9

Muji, thanks so much for the excellent tech post. I am long ESTC but I am growing more uncomfortable with the position. I have seen that companies with great technology do not always win. I am reminded of the old “Gates Jobs” conversation Jobs told Gates that Apple had better PC technology than Microsoft. Gates responded by saying “That does not matter”.

What concerns me is not ESTC the technology company but rather ESTC the money making company. After all that is why we are all here. It went public in Oct of 2018 and started trading at a price I could buy at around $70 a share, 8 months later it is trading today at around 75.80. Far underperforming other stocks we follow. Monday the CEO sold 15,000,000 shares.

Metrics that concern me is slowing growth. since we don’t have TTM figure the next qtr growth is expected to be about 43% (not bad). Next full year revenue growth is expect to be 37.4% (dramatic slowing.

In addition loss per share is expected to go from $1.11 per share to $1.39 dollars per share. ESTC the money maker is headed in the wrong direction. The story of great technology and not converting it to shareholder value seems similar to NTNX, PVTL and Pure.

From he standpoint of ESTC the “money maker” where am I wrong?

4 Likes
10

Monday the CEO sold 15,000,000 shares.

Metrics that concern me is slowing growth. since we don’t have TTM figure the next qtr growth is expected to be about 43% (not bad). Next full year revenue growth is expect to be 37.4% (dramatic slowing.

The CEO sold 200k of shares worth $15m. Big difference.

I don’t know where you get your growth forecast from.

https://seekingalpha.com/article/4268606-elastic-n-v-estc-ce…

"For first quarter of fiscal 2020, we expect revenue in the range of $82 million to $84 million, representing a growth rate of 47% year-over-year at the midpoint.

For the full-year fiscal 2020 we expect revenue in the range of $397 million to $403 million, representing a growth rate of 47% year-over-year at the midpoint."

I throw out the midpoint. The game is beat-and-raise, and I always start with the high end of their guidance number, which for both next Q (Q1 of their new fiscal year) and the full year of the new fiscal year, is 49%.

Dreamer

12 Likes
11

To me there is no use fighting the market.

ESTC is weak right now.

I have a starter position and am keeping an eye on it.

I like the company, and when the market starts to like it, and it shows some strength, that is when I am going to add.

Jim

12

The CEO sold 200k of shares worth $15m. Big difference.

Yes, insider ownership is around 44% (over $2 billion) according to Yahoo. The CEO recently owned 8.4 million shares (about $630 million at the current price) himself. So this is relatively a small amount.

"For first quarter of fiscal 2020, we expect revenue in the range of $82 million to $84 million, representing a growth rate of 47% year-over-year at the midpoint.

For the full-year fiscal 2020 we expect revenue in the range of $397 million to $403 million, representing a growth rate of 47% year-over-year at the midpoint."

I throw out the midpoint. The game is beat-and-raise, and I always start with the high end of their guidance number, which for both next Q (Q1 of their new fiscal year) and the full year of the new fiscal year, is 49%.

Dreamer

Yes, these are the same projections Schwab has.

dave

2 Likes
13

I had built up a 2/3rd of my target position in ESTC. If it blew out numbers I wanted to be in the name even with unlock coming up. My reasoning is that stellar numbers might counteract any downward pressure of the unlock. I have seen instances of unlocks being built into the price before the actual event and with a strong stock move up on the unlock. ESTC seemed to be fighting the tape on days the market was down. But lately it has not had relative strength to my eyes. So I took a small gain and exited the position. I watch the market everyday, all day and if I see a change in its price action I may revisit.
I’d rather wait on the sidelines for now. I like their story very much but for now I have to see confirmation from the market.

Rob

1 Like
14

Dreamer I fat fingered the sale amount and left the “$” sing off. Humbly apologize.

I got the growth rate from TD Ameritrade stock research page.

My point was to question the overall potential of ESTC against MDB. I am long both. I have a substantially larger MDB position. ESTC has certainly not performed since its IPO, Perhaps since lockup issues are totally out of the way since Monday the market may turn favorably toward the stock.

15

Estc has to hope Splunk left enough low hanging fruit. And the size of the market is sufficient enough for growth. MDB has to worry about the latter only. I will be watching estc for their enterprise search to see what happens there. No estc, MDB is my largest position

16

Estc has to hope Splunk left enough low hanging fruit. And the size of the market is sufficient enough for growth. MDB has to worry about the latter only. I will be watching estc for their enterprise search to see what happens there. No estc, MDB is my largest position

The business that Elastic goes after that competes with Splunk is only part of their TAM, and they are winning:

https://devops.com/splunk-elk-stack-side-side-comparison/
That nerd-run blog echoes a lot of what muji already did a deep dive on in his previous epic ESTC posts, but always good to see other sources.

Top search company, per rankings. By a mile. (note MongoDB is tops in different category…click “Document Stores” on the left side)
https://db-engines.com/en/ranking/search+engine

I have seen a few places on line where developers give their opinion that Splunk is akin to Microsoft in the way Elastic is akin to Linux…just simply preferred by developers. That is why you see a bunch of sites like this:
https://linuxacademy.com/devops/training/course/name/elastic…
https://www.slideshare.net/chenryn/how-elasticsearch-lives-i…

I can’t time the bottom or the top, but I don’t see another high-tech hyper-growth (50%+y/y) company out there that has the stock appreciation potential that ESTC has at this moment in time, for the next 9-12 months.

Since they called 49% growth for next 12 months ($400m), and the game is beat-and-raise, it seems pretty fair to assume they will come in near $440-450m. If they maintain a “lower” P/S of 20, which they have today, compared to MDB or ZS in the low 30’s, you would/should have a stock appreciation 50% plus WITHOUT needing multiple expansion to net you those gains.

ZM is $26b mkt cap. What seems more likely…ESTC getting to $8.25b in next 12 months, or Zoom being worth $39b (equivalent of ZS+AYX+MDB+TTD combined).

Dreamer

35 Likes
17

This is one seriously fractured market. If you go back and look at the Gartner Magic Quadrant for the last couple of years you will notice many companies are gone or new.

The cyber security market will most likely remain fractured indefinitely. I was not in the computing security organization where I worked (yes, we had a dedicated organization). However, as an Enterprise Architect I interacted with this organization frequently. They intentionally used an approach described as layered security. The security problem was sub-divided into various segments, i.e. user identification/verification, hostile s/w signatures, controlled access to aps and databases, perimeter protection, etc. Each layer employed s/w from a different vendor or in some cases, like export controls, in house development.

The prevailing philosophy was that there was additional protection derived from employing different products from different vendors. The idea was that getting too much “protection” from the same vendor was a vulnerability. This strategy was based on the notion that once compromised, all s/w from the same vendor was subject to being more easily defeated. I have no idea whether or not that was a valid concern, but it was put into practice.

4 Likes