Whenever there is a merger or acquisition of a technology company, there is uncertainty about the future of products offered by either company. What is the new strategy? Will the solution I purchased continue to be supported, or even exist? Now that the technological and business ramifications of Micro Focus’ intent to merge with Hewlett-Packard Enterprise’s software business segment have had time to sink in, we are starting to hear questions from enterprises impacted by the merger.

Any time there’s a disruptive event like the one happening to HP Software, there’s risk to customers in terms of the future viability of the products they use. In analyzing the Micro Focus, HP Software merger, Nils Pratley of the Guardian stated, “Micro Focus occupies the unglamorous end of the technology industry, where the money is made by managing and updating legacy infrastructure. It is a fix-it merchant rather than a pioneer."

The solutions Micro Focus will bring into its technological menagerie from the merger include software ranging from big data analysis to IT operations software to application security solutions. As a leader in the application security industry, the questions we are hearing are about the impact on AppSec technology and the market in general.

This merger comes at a time when application security is in the midst of a major transformation. What was once seen as a security-led initiative is now being “pushed left” into the realm of the developer. Application security vendors and security professionals have typically minimized the developer when building out solutions and evolving security programs. However, with the advent of DevOps and continuous deployment/release models becoming more common, developers’ influence on application security is becoming more pronounced – and rightly so. This shift in the market occurring along with this major merger announcement is understandably creating a new dynamic within many enterprises.

If we look at Micro Focus’ track record with acquired technology, their focus is on profits and margins rather than innovation, product or revenue growth.  Micro Focus’ has stated that its strategy regarding the HP Software assets they are acquiring will be the same.  In addition, given that the transaction is not scheduled to close until mid-2017 at the earliest, the application security product, like all of the software solutions that are part of this deal, will be in a state of limbo while the deal is scrutinized and finalized. This could take up to nine months, a lifetime in a rapidly evolving technology market.

In a category that is undergoing a major transformation, enterprises are going to need vendors in the Application Security space who are committed to making the investments needed to stay relevant and effective. The systemic risk to our economy and national security brought on by insecure applications is far too important an issue to put off until later. Figuring out how to enable our digital economy to grow requires developers and professionals to collaborate on a system that will empower developers to continue to innovate without increasing risk. The transformation currently going on in the market also means Application Security vendors need to include developers so we can empower them to securely build the software that runs our world. And this needs to be done now.

The uncertainty introduced by this merger puts increased pressure on others in this industry. Veracode is ready for the challenge, and has been working with developers with initiatives like “Project Purina,” where our own developers integrate our solutions and manage an AppSec program; product releases like Developer Sandbox; and innovation to help security teams and software developers protect applications and shorten time to deployment. We won’t stop there. The future of AppSec is developer-led, and Veracode will continue to be a driving force behind enabling movements like DevOps with application security solutions and programs.

To learn how Veracode can help you, contact us today.

About Jessica Lavery

Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.

Comments (0)

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.