The security vendor of 2020 will be…Microsoft

Posted by

In 1995, Netscape became one of the first Internet-era companies to go public with no earnings. In one of the most successful IPOs up to that time, Netscape had a day-one market valuation of $2.9 billion. The company was fairly successful for a while. Then, Microsoft bundled their Internet Explorer browser for free into Windows operating systems. Netscape collapsed. In 1998, the US Department of Justice brought antitrust charges against Microsoft, contending that bundling software within its operating system constituted monopolistic tactics. DOJ actions almost resulted in Microsoft being split into two companies, but legal challenges cut that action short.

Microsoft had, as Scott Galloway puts it, “featurized” Netscape. “Featurization” happens when a well-resourced company copies a product and adds it as a bundle to its offering stack. Microsoft is gradually featurizing security products into its Azure/O365 stack. In fact, they are getting pretty good at it, as they are a leader in five Gartner “Magic Quadrants.

Let’s look at one category in particular – Endpoint Protection Platforms:

There is certainly money to be had in taking share from the players in this market. For example, Carbon Black (bottom right quadrant in the above figure) is a pure play in the endpoint protection space. Carbon Black was bought by VMware last summer for $2.1 billion. At the time, Carbon Black had $237.6 million in annual revenues, 19 percent growth, and negative earnings. Microsoft’s competing product is Windows Defender ATP. I would not feel comfortable if I was VMware, having spent almost ten-times revenues for a company in the crosshairs of Microsoft.

Microsoft is also rolling out its Sentinel SIEM. One of the companies they will be aiming for is Splunk. Splunk, a pure play SIEM provider, most recently reported $626.3 million in yearly revenues. Is Sentinel as good as Splunk? No, but all indications are that it is pretty good and getting better.

In fact, Microsoft’s offerings really don’t need to be better than security solutions from other vendors. Microsoft’s advantage is that they embed security offerings within their Microsoft O365 E5 suite (and other add-ons). For example, organizations that elect to purchase Microsoft’s E5 option get not only the traditional Office applications like Word, PowerPoint, and Excel, but also Teams (the Slack killer). Security solutions in E5 (see figure below) include Windows Defender ATP (the Crowdstrike/Carbon Black/ killer) and Cloud Access Security Broker (the Netskope/CipherCloud/ killer).

This image has an empty alt attribute; its file name is image.png

Organizations can then add on the AD Premium option to get Privileged Identity Management (the CyberArk/Thycotic/ killer). Microsoft makes it easy to spot their security vendor targets with a handy online tool.

Now, notwithstanding Gartner’s reviews, are Microsoft’s security offerings really better than the best-of-breed point solutions? Probably not. Their main advantage is a single bundled offering of products that work well together. Their offerings are often at least “good enough” and are getting better all the time.

For organizations that are using Active Directory and O365 (the majority of organizations), Microsoft security solutions are add-on features. This makes procuring these solutions simple. It also puts the onus on the organization’s Security staff to explain why the Microsoft option is not sufficient. With the complexity of selecting, procuring, and managing these security solutions, this is a big advantage. Further, their strong security portfolio can be seen as a differentiator against cloud rivals like AWS and Google. In the last quarter reported, Azure revenues grew by 62% vs. AWS at 34%.

Microsoft’s deep pockets and their strategy to vertically integrate security solutions into their offerings is going to take market share from existing security vendors. Barring government regulatory actions, Microsoft is my bet as the security vendor to watch in 2020.