Security industry news in general ...

Big_Buck said:

Essentialy, Barracuda, Imperva, Veracode and LogRhytm are now under the same umbrella.  You can expect to see all platform sharing some components like AV engines for example.  Pretty soon, the differences will be on the lip stick only.

But these four you list don't meaningfully overlap in terms of functionality, and none of them are primarily an AV vendor last I looked. They share the same private equity owner, yes, but if they remain independant operating entities, then they haven't yet gone the same way as my kitchen appliances.

So, if you have desktops, you'll find it hard to protect it against malware relatively soon.

I'm not sure the sky is falling. AV is a big market, EDR too. We may see unhealthy consolidation for a while, but these consolidation/disruptor cycles have always been going on, and the (paid!) demand for solutions isn't going away. Indeed, as consumers of cybersecurity products get smarter and more sophisticated, I think there's room in the market for new entrants to provide quality and innovation where monoliths no longer can.

In all this, I think the key thing to keep an eye on is how protective and detective controls are fed with threat indicators. The moment you find the same research and IOCs feeding every single technical control you have, is the moment to become really concerned.

Big_Buck said:

Essentialy, Barracuda, Imperva, Veracode and LogRhytm are now under the same umbrella.  You can expect to see all platform sharing some components like AV engines for example.  Pretty soon, the differences will be on the lip stick only.

But these four you list don't meaningfully overlap in terms of functionality, and none of them are primarily an AV vendor last I looked. They share the same private equity owner, yes, but if they remain independant operating entities, then they haven't yet gone the same way as my kitchen appliances.

So, if you have desktops, you'll find it hard to protect it against malware relatively soon.

I'm not sure the sky is falling. AV is a big market, EDR too. We may see unhealthy consolidation for a while, but these consolidation/disruptor cycles have always been going on, and the (paid!) demand for solutions isn't going away. Indeed, as consumers of cybersecurity products get smarter and more sophisticated, I think there's room in the market for new entrants to provide quality and innovation where monoliths no longer can.

In all this, I think the key thing to keep an eye on is how protective and detective controls are fed with threat indicators. The moment you find the same research and IOCs feeding every single technical control you have, is the moment to become really concerned.