Thoma Bravo To Buy Veracode From Broadcom For $950 Million
Application security testing vendor Veracode will change hands for the third time in 20 months, returning to independent status under the stewardship of Thoma Bravo.
Chicago-based Thoma Bravo will purchase Veracode for $950 million in cash, or nearly 55 percent more than the $614 million CA Technologies paid for the Burlington, Mass.-based company in March 2017. Since then, ownership of Veracode shifted over to Broadcom when the San Jose, Calif.-based chipmaker purchased CA Technologies for $18.9 billion in July 2018.
"Partnering with Thoma Bravo, a proven security software investor, is expected to extend our market reach and further fuel our innovation so that we can offer the broadest security platform and empower us to accelerate growth," Sam King, SVP and GM of Veracode, said in a statement.
King will become Veracode's CEO when the proposed acquisition by Thoma Bravo closes later this quarter. She joined Veracode 12 years ago as VP of service delivery and worked her way up the ranks to chief strategy officer before becoming responsible for leading the Veracode business unit within CA Technologies in July 2017.
Veracode's SaaS platform is focused on helping security teams and software developers find and fix security-related defects at all points in the software development lifecycle, according to the company. The company serves more than 2,000 customers across a wide range of industries, including nearly a third of the Fortune 100.
"As long-term investors in cybersecurity software, we are impressed with the speed and quality of innovation at Veracode," Seth Boro, a managing partner at Thoma Bravo, said in a statement. "Sam King and her team are seasoned, proven operators addressing a critical security problem in application development, and delivering best in class products."
Veracode was founded in 2006, employs nearly 600 people, and raised $114.3 million in seven rounds of outside funding before being purchased by CA Technologies early last year. Company executives weren't immediately available for additional comment.
As companies continue to build complex applications containing sensitive data, they have found that the application themselves are increasingly becoming the target of more sophisticated cyberattacks, Thoma Bravo partner Chip Virnig said in a statement. As a result, Virnig said applications need to be built with security in mind from day one, creating a significant market opportunity for Veracode's offerings.
Veracode's Application Security Platform offers a holistic, scalable way to manage security risk across an entire application portfolio through broad language, framework, and testing technology coverage. The company allows customers to transform how they build and buy software by deeply integrating security into their software development lifecycle and enabling DevSecOps processes, according to Veracode.
"In today's digital economy, practically every company is turning into a software company through their own digital transformation," Virnig said in a statement.
Thoma Bravo has been incredibly active in the cybersecurity market this year, kicking things off with the acquisition of publicly-traded storage and security player Barracuda Networks for $1.6 billion in February. Three months later, the private equity firm purchased a majority stake in LogRhythm to accelerate the Boulder, Colo.-based SIEM vendor's operational and product development roadmap.
In July, Thoma Bravo agreed to buy from investors a majority stake in Centrify to help the Santa Clara, Calif.-based identity management vendor expand its product management capabilities both organically and through acquisitions. In October, Centrify announced plans to spin out its Identity-as-a-Service business into a stand-alone company called Idaptive, which will also be owned by Thoma Bravo.
That same week, Thoma Bravo announced plans to acquire publicly-traded application and data protection vendor Imperva for $2.1 billion.