Sourcefire buys Clam AV?
Saw the announcement today on Sourcefire buying ClamAV. My first thought was why and how. How do you buy an open source project. But that became obvious reading the press release. All of the copyright holders of the ClamAV project agreed to sell their rights in the software to Sourcefire. You have to admit that it is a different kind of acquisition. I did not bother doing the math, so do not know how much Sourcefire paid.
For those who do not know ClamAV is an open source gateway AV project. It is very widely used within many UTM solutions and MSSP offerings. So how does Sourcefire monetize this? What does this mean for ClamAV's customers. If you are an individual or corporation using ClamAV as a stand alone product, it means you will still probably have free use of the AV engine. However, any AV is only as good as its latest update. We will see similar to what was done with Snort, a VRT certified, pay for AV signature update feed? Will people not paying for the feed get updated AV signatures on a delayed basis? What about all of these people using ClamAV in their UTMs? Will we see a "clarification" to the ClamAV license that says they can't use it as part of UTMs? Will Sourcefire now seek to commercially license the product to all of these UTM and MSSP vendors? I don't know, but it seems likely, based upon their past moves.
AV is not exactly a cutting edge technology but it can be a cash cow. There are lots of options in the AV market. If I was a UTM provider or MSSP using ClamAV right now, I would be exploring my options, waiting for the other shoe to drop here. I think this once again shows that if you are incorporating open source tools into your technology as a vendor, unless you own the copyrights, do so at your own risk.