Sourcefire just announced its acquisition of ClamAV. ClamAV is by most estimates the most commonly used open-source antivirus product on this planet, with over 10 million downloads (and a significant percentage). Great, great move by Sourcefire.
There's just no end in sight of this open-source M&A market, friends, and this time it was one open-source project buying another. I like that. Keep it in the family.
Nick Selby over at The 451 Group has a great analysis. He writes:
This is an important deal with ramifications in the open source and proprietary software and enterprise security software industries. The acquisition, Sourcefire's first since going public, extends and builds upon Sourcefire's successful Snort efforts, proving the community/commercial hybrid model can not only work but work in such a way as to support a company which (current stock price woes aside) is publicly traded.
Almost immediately Clam will begin to see engineering and technical support from the Sourcefire team, meaning that issues involved in Clam's supply chain--detecting, identifying, writing signatures, testing and pushing out new signatures--will be streamlined and improved. We daresay that the Sourcefire team may learn a thing or two from the to-date under-funded Clam guys as well. Upkeep of Clam's valuable network of mirrors will also be better funded and capable of being handled more systematically.
This positions Sourcefire to release both commercial support options for ClamAV--a potentially lucrative activity, as well as to release a Unified Threat Management product sometime in 2008--a move that could accelerate its moves into the growing SMB security business. (Paragraph separators are mine for ease of reading.)
I really like this move. It makes a good open-source company even better, and shores up an already strong open-source project.