« Security for security's sake? | Main | The MySQL-ization of the Open Source movement or using open source as a shield »

August 17, 2007

Sourcefire buys Clam AV?

Saw the announcement today on Sourcefire buying ClamAV.  My first thought was why and how.  How do you buy an open source project.  But that became obvious reading the press release.  All of the copyright holders of the ClamAV project agreed to sell their rights in the software to Sourcefire.  You have to admit that it is a different kind of acquisition.  I did not bother doing the math, so do not know how much Sourcefire paid. 

For those who do not know ClamAV is an open source gateway AV project.  It is very widely used within many UTM solutions and MSSP offerings.  So how does Sourcefire monetize this?  What does this mean for ClamAV's customers.  If you are an individual or corporation using ClamAV as a stand alone product, it means you will still probably have free use of the AV engine.  However, any AV is only as good as its latest update.  We will see similar to what was done with Snort, a VRT certified, pay for AV signature update feed?  Will people not paying for the feed get updated AV signatures on a delayed basis?  What about all of these people using ClamAV in their UTMs?  Will we see a "clarification" to the ClamAV license that says they can't use it as part of UTMs?  Will Sourcefire now seek to commercially license the product to all of these UTM and MSSP vendors?  I don't know, but it seems likely, based upon their past moves.

AV is not exactly a cutting edge technology but it can be a cash cow.  There are lots of options in the AV market.  If I was a UTM provider or MSSP using ClamAV right now, I would be exploring my options, waiting for the other shoe to drop here. I think this once again shows that if you are incorporating open source tools into your technology as a vendor, unless you own the copyrights, do so at your own risk.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200e54ecc5e098833

Listed below are links to weblogs that reference Sourcefire buys Clam AV?:

Comments

My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search

Blog powered by TypePad
Member since 10/2005