Cyber Consolidation: Carbon Black Buys Confer in Endpoint Security

In what could be another sign of a shakeout in the cybersecurity industry, Carbon Black says today it has acquired fellow Boston-area security firm Confer Technologies. The deal has closed, but financial terms weren’t given.

Both companies focus on endpoint security—software that helps organizations detect and respond to threats against computers, devices, and servers. Waltham, MA-based Carbon Black, formerly known as Bit9, has been around since 2002 and has raised about $190 million from venture investors, making it one of the biggest bets in cybersecurity.

Southborough, MA-based Confer had raised at least $25 million from investors including North Bridge Venture Partners, Matrix Partners, and Foundation Capital. The company, which doesn’t share any investors with Carbon Black, closed a $17 million Series B round last fall.

The cybersecurity market is seeing a fair bit of consolidation, particularly around Boston. Last month, Cisco Systems acquired CloudLock for $293 million. In February, IBM bought Resilient Systems for $100 million-plus. And last year, Digital Guardian bought Code Green Networks, part of a series of acquisitions in data protection.

Carbon Black, which got its present name from an acquisition of its own in 2014, is trying to dominate the endpoint security sector. “We started to look at the market at the end of last year,” says CEO Patrick Morley, who adds that Carbon Black examined more than 10 security companies as potential acquisitions. “We really liked the [Confer] team, and we liked that they were local.”

Morley (pictured) says Confer’s technology works to detect and prevent cyber attacks using “behavioral analytics” in a way that’s “easy to deploy and administer.” Basically, the software collects data on all endpoint activity and provides context around how an organization’s devices and servers are being used or accessed. That sort of intelligence can be used to analyze hacking behavior and, ideally, adapt the network’s defenses in response.

Confer has about 50 employees and 50-plus customers, according to Carbon Black. Meanwhile, Carbon Black has more than 600 employees and some 2,000 customers. The company said last fall it expected to generate $70 million-plus in 2015 revenues.

“This allows us to serve every company in the world, and extend our vision,” Morley says of the acquisition. He adds that the plan is to “integrate the products aggressively over the next few quarters, so we can provide customers one cloud-based offering.”

Confer CEO and co-founder Mark Quinlivan is leaving the company post-acquisition. Co-founders Jeff Kraemer and Paul Morville, who are in charge of technology and products, respectively, are staying on.

Carbon Black continues to face competition from big companies such as Symantec (which is buying Blue Coat Systems in a mega-deal), Intel (McAfee), IBM, and Palo Alto Networks, as well as smaller players like CrowdStrike, Cylance, Cybereason, Cybric, and CounterTack (lots of “C” companies in this sector, several of which have raised big funding rounds).

“The endpoint is where the battle’s really being fought,” Morley says. “The device is becoming more and more central to security. It’s where companies have to invest.”

At the same time, many cybersecurity startups are struggling to make money in a crowded and noisy industry. A lot of them won’t be around in a few years, Morley says.

One question is whether—and when—Carbon Black itself may be acquired by a bigger player. The company must be feeling some pressure from its investors for an exit, given how long it has been funded (and how much it has raised).

Morley wouldn’t say anything about that, of course. Nor would he comment on any IPO plans. “We’ve continued to see dramatic growth,” he says. “We’re aggressively building a large cybersecurity company in Boston. … You’re going to see some big companies get built, and we’re going to be one of them.”

Trending on Xconomy