Veracode Software gobbled by private equity house Thoma Bravo for $950m

Home of McAfee and SonicWall slurps app security testing biz from Broadcom


Thoma Bravo – private equity owner of McAfee and Barracuda Networks – has slurped cloudy application security testing biz Veracode Software, a division of Broadcom, for $950m in cash.

Veracode was only bought by CA Technologies in March last year, but clearly doesn't feature in the future plans of Broadcom – CA's new parent. It sells a software-as-a-service platform and related wares for developers to ID and fix security defects during the dev lifecycle.

"Software security is one of the most consequential issues facing companies as they look to compete in the digital economy," said Sam King, currently senior veep and GM of Veracode, but who will be made CEO of the biz when the transaction is concluded.

Thoma Bravo also owns or has stakes in Centrify, Compare Corp, Koufax, LogRhythm, Riverbed and SolarWinds, Blue Coat Systems and SonicWall.

Around 2,000 firms – handily rounded up – use VeraCode to test the security of their applications, VeraCode claimed, including a third of the Fortune 100 and 20+ of Forbes Most Valuable brands.

Veracode, founded in 2006 by Chris Wysopal and Christien Rioux, was sold to CA for $614m in March 2017.

In one of the strangest buys we've seen, CA was snaffled by Broadcom for $18.9bn. The rationale, according to Broadcom CEO Hock Tan, was that he wanted to create a "leading infrastructure company" and CA, with its "sizeable" base of mainframe and enterprise software punters, was another step in that ambition. ®


Other stories you might like

  • Experts: AI should be recognized as inventors in patent law
    Plus: Police release deepfake of murdered teen in cold case, and more

    In-brief Governments around the world should pass intellectual property laws that grant rights to AI systems, two academics at the University of New South Wales in Australia argued.

    Alexandra George, and Toby Walsh, professors of law and AI, respectively, believe failing to recognize machines as inventors could have long-lasting impacts on economies and societies. 

    "If courts and governments decide that AI-made inventions cannot be patented, the implications could be huge," they wrote in a comment article published in Nature. "Funders and businesses would be less incentivized to pursue useful research using AI inventors when a return on their investment could be limited. Society could miss out on the development of worthwhile and life-saving inventions."

    Continue reading
  • Declassified and released: More secret files on US govt's emergency doomsday powers
    Nuke incoming? Quick break out the plans for rationing, censorship, property seizures, and more

    More papers describing the orders and messages the US President can issue in the event of apocalyptic crises, such as a devastating nuclear attack, have been declassified and released for all to see.

    These government files are part of a larger collection of records that discuss the nature, reach, and use of secret Presidential Emergency Action Documents: these are executive orders, announcements, and statements to Congress that are all ready to sign and send out as soon as a doomsday scenario occurs. PEADs are supposed to give America's commander-in-chief immediate extraordinary powers to overcome extraordinary events.

    PEADs have never been declassified or revealed before. They remain hush-hush, and their exact details are not publicly known.

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022