- Micro Focus may not yet be known for enterprise security, but it has become a significant player with the addition of HPE’s software assets.
- Micro Focus must go beyond touting its size and promote its analytics-centric strategy to better secure users, applications, and data.
Micro Focus may not yet be well known on the enterprise security landscape, but that’s about to change.
The vendor has been around since the ‘80s working on COBOL, but on September 1, 2017, Micro Focus became a new company. That’s when it completed its so-called ‘spin-merger’ with Hewlett Packard Enterprise, absorbing most of the software assets of HPE. Overnight, Micro Focus became a goliath: $4.4 billion in annual revenue, 18,000 employees, and offerings in segments including DevOps, hybrid IT, data management, analytics, and cybersecurity.
Until recently, it was unclear how Micro Focus would build its brand in cybersecurity; whether its go-to-market strategy for enterprise security would deviate from that of HPE, whose security product portfolio it acquired; and how it would integrate, rationalize, and advance its broad set of security products, acquired through numerous acquisitions. But, at its recent Micro Focus Protect customer conference, the vendor offered the public a first look at its enterprise security strategy.
Micro Focus is now the world’s seventh-largest pure-play software vendor, and that fact has been the core of its early go-to-market messaging. Its first objective is to quickly and definitively establish the public perception that it is a major player in key enterprise software segments, and its size alone is reason enough to demand consideration among enterprise buyers.
Yet, a closer examination of its planned approach toward enterprise security reveals the makings of a complex, nuanced, and potentially differentiated strategy that emphasizes the security of users, applications, and data; the creation of open security product architectures to break down data siloes; and the broad use of analytics to develop faster, more predictive insights to power security automation.
One of the vendor’s top post-HPE product development priorities is to build more ties between former HPE security products like its ArcSight SIEM – the new centerpiece of the Micro Focus security portfolio – and the Micro Focus identity and access management product line. Micro Focus envisions integrations that correlate security events based on granular identity data, such as tying non-compliant devices to common users or groups and changing or limiting user access based on those correlations. It’s a depth of integration that isn’t common today and could be a highly useful, desirable offering.
ArcSight accounts for more than half of the $800 million in annual security revenue at Micro Focus, but customers have long been frustrated with the aging product, especially when it comes to extracting data collected by the system for use elsewhere. But the ArcSight Data Platform, the next-generation version of the SIEM, has been revamped to better integrate with third-party systems for data collection, data export, threat-hunting, and analytics tools from Micro Focus and third-party vendors. Now ArcSight, once seen as antiquated, is positioned to compete for a place in security operations centers for years to come.
Micro Focus executives say an advanced analytics ecosystem allows organizations to proactively develop an understanding of their technology and data; classify vulnerable, at-risk, and sensitive assets; and take specific actions to limit risk to the organization. The final key piece of its strategy is for its Vertica big data analytics product to serve as customers’ centralized security data lake, becoming the center of a real-time predictive security analytics system to identify potential incidents and risks faster and more accurately than is possible today.
Micro Focus faces many challenges, including how to strengthen relationships with IT security buyers, rationalizing and integrating its broad portfolio, and solving several branding challenges. But its enterprise security strategy is focused and achievable, plays to its strengths, and has the potential to differentiate the vendor among its competitors. Successful execution of that strategy will quickly convince the industry that Micro Focus is more than just another big vendor.