Its been a while since I followed in any detail the network security industry, but there was a time when I followed it pretty closely. When I heard about Sourcefire’s IPO earlier this year I got excited because I thought it would be another example how Open Source projects could be transformed into Open Source businesses. Other than RedHat there aren’t too many public comps for Open Source companies.
Life as a public company has been tough on them. They went public with little fanfare, but did manage a nice uptick out of the gate rising from $15.00 to $16.05. Then they proceeded to miss their revenue projections their first quarter as a public company. Badly. Yikes!
At the time it seemed as though there might be some confusion on their Open Source model and Alex Fletcher, an analyst who’s blog I like is quoted here:
Add to that Sourcefire’s open-source business model, which could potentially confuse some investors, and it’s not surprising that Sourcefire hit the ground hard.
Unlike traditional proprietary companies, Sourcefire cannot offer big licensing deals as proof of its success on its balance sheet — at least in its early days, says Fletcher.
“In the short term, the business model involves them trading a lot of the upfront revenue for a larger user base by basically providing the software or making parts of it available for free,” he explains.
A better indicator of the company’s health could be the state of the open-source technology it is dependant on for its revenue.
To get a sense of this, investors should look at the community activity around the Snort project, the feedback about it, its release schedule and its flaws — all of which are easily available, says Fletcher.
“Because of the open and transparent nature of open source, if someone wants to see this, they can easily look it up,” he says.
Their next quarter wasn’t all that much better when they came in at their lower end of their guidance. They announced earnings Friday and their stock plunged 20% (although some of that could be attributed to the meltdown in the credit markets as well).
I don’t think anyone was confused about their business model this time. They just did not show the top line growth that investors were expecting. They announced $11.3M in revenue which was an 18% increase over the prior year. Of this revenue, the product license revenue was flat year over year.
That’s just not the kind of growth that’s going to get investors excited. Open Source or not.
I listened to their conference call and I found it interesting that they never mentioned Snort (the Open Source Project the company’s product is based upon), Open Source licensing of any kind, or their Community. Not even once.
In fact there was nothing said during the conference call that would indicate that Open Source had any role in the company at all. And I’m sure this was no accident.
I’ve prepared a number of earnings calls myself and I can tell you that they are 100% scripted so nothing gets said (or is omitted) that isn’t reviewed by the IR team, the CFO, CEO and outside counsel.
I think this is a symptom of a larger identity issue with them. Are they Open Source or Proprietary? Hardware or Software? License driven or Subscription? I’d have to spend a lot more time digging into this to really figure what they’re trying to be.
But one thing is clear. Investors only care about results and it looks like SourceFire let them down this quarter. But given Snort’s huge installed base, I think the results will emerge, but perhaps not on a smooth quarterly trajectory. So I remain convinced that anyone interested in learning how to build a company based on a Community had better keep a close eye on SourceFire.
Finally, I did some analysis on their latest quarter’s income statement and in my next post I’ll examine it to see if can help solidify our understanding of the economics of Open Source.