Despite virtualization sweeping datacenters and now serving as a cornerstone of cloud computing, virtualization security has largely been an afterthought. Few startups focused on this market are generating much revenue, and M&A activity has been muted, both in terms of deal flow and valuations.
For instance, VMware – the kingpin of virtualization, which sits on nearly $3bn in cash and has spent hundreds of millions of dollars on acquisitions in other markets – has made only tiny moves around security. It reached for Blue Lane Technologies in October 2008 for what we believe to be less than $10m. (Blue Lane was one of about 20 initial partners in VMware’s VMsafe, which was introduced in early 2008.) That purchase came almost a year after VMware added hypervisor security vendor Determina for an estimated $15m.
Things may be about to change. My colleague Steve Coplan has written in a new report that the rise of desktop virtualization is likely to make security much more of a central concern. But as he notes, it’s not immediately clear which companies will actually be providing the security – the virtualization vendors, security firms or perhaps even management software providers? He looks at the rationale for all three groups as acquirers, and even lays out a few scenarios in the report.