Seeking Alpha
We cover over 5K calls/quarter
Profile| Send Message| ()  

Sourcefire, Inc. (FIRE)

February 26, 2013 6:50 pm ET

Executives

Martin F. Roesch - Founder, Interim Chief Executive Officer, Chief Technology Officer and Director

Todd P. Headley - Chief Financial Officer, Principal Accounting Officer, Treasurer and Assistant Secretary

Analysts

Keith Weiss - Morgan Stanley, Research Division

Keith Weiss - Morgan Stanley, Research Division

Next one. Thank you, everyone, for joining us. My name is Keith Weiss. I'm a member of the software research team here at Morgan Stanley, and we're very pleased to have with us here this afternoon both Marty Roesch, CEO; and Todd Headley, CFO of Sourcefire. Still interim CEO?

Martin F. Roesch

Yes.

Keith Weiss - Morgan Stanley, Research Division

No one else wants to be?

Martin F. Roesch

No.

Question-and-Answer Session

Keith Weiss - Morgan Stanley, Research Division

I thought given RSA's going on this week, I thought a good place to start would be on one of the recent product announcements that you made, a dedicated appliance for FireAMP. Maybe you could start off talking to us more broadly about FireAMP. It's one of the newer product initiatives you have going on, I think it's very interesting. Start off with kind of the framework of this sort of next generation threat management, how FireAMP fits in there, then maybe drill down to today's announcement of the dedicated appliance.

Martin F. Roesch

Okay. So FireAMP is a technology that's primarily oriented around dealing with modern malware. One of the primary attack vectors that is being used to break in the modern enterprises is malware, it is the transport for getting attacks into many environments, and it's largely file-based. So attackers generate files, they get the files into various environments, those files contain malware and then it's off to the races. Once malware has penetrated an environment, you get into this malware's spreading effectively. It doesn't just get into an environment -- you don't get infected by one piece of malware, you get infected by 10 very rapidly, when you get infected these days. Traditional defenses for dealing with this revolve around antivirus systems, maybe some more recent anti-malware developments, but largely they're ineffectual against things that haven't been seen before. So what the AMP technology does is -- it's a new approach to doing Advanced Malware Protection, which is what AMP stands for, based on collecting large amounts of information about what's being observed in the environment, forwarding that information up to a cloud-based back end, where we have a big data analytics infrastructure back there that can look at the data and do a number of interesting things. So when you look at our AMP product, what you really get is you've got a cloud up in the sky, that's got all of our detection logic in it, it's got all of our intelligence in it, and then you've got a variety of connectors that talk to the cloud. So I've got an endpoint connector that rides on desktops or laptops or whatever, on Windows systems. I've got a mobile connector that rides on Android devices. I've got a virtual connector that rides on virtual infrastructure like VMware, and then I've got a network connector that rides on Sourcefire's FirePOWER appliances which is what this announcement was about today. So all of these connector technologies talk back to the same cloud, they stream telemetry up to the cloud continuously about what they're observing in their environment. So as files do activities, whether it be installing a file, copying itself, moving some other file, executing, doing network -- or generating network traffic, we bring all that information together in our cloud, and then once it's in the cloud, we do real-time analytics on it. So we look for things like known bad files, so I can look for things based on a blacklist and whitelist I have. I have prevalence analyzers and heuristics and machine learning engines to detect zero days, and then I keep that information. So I keep this information in the cloud persistently, so that if I figure out something is bad later, I can go back and see exactly what happened. So I have a comprehensive record of when the file showed up, what its attack vector was, what else it did, who else it talked to, I have comprehensive information on everything it did, everything it installed and everything that those installed items did. And if I don't like it, I can wind it back to the beginning very easily and get rid of it. So we call this retrospective security. So Sourcefire is really driving hard in the space right now because what we are observing is people are getting compromised. And one of the things I'd like to do is I like to go in to customers and I'll say, "So Mr. Customer or Mr. Investor or analyst, when you think about security these days, the questions you should really be asking yourself is if you were going to be compromised, would you do security differently?" And most people would say, "Yes, yes. If I knew I was going to be compromised I would probably spend my money a little differently and things like that." Well, guess what, everybody is being compromised. I mean I don't have -- I'm not trying to like scare anybody or anything like that, but this is happening, right? It's in the papers every day, Facebook, Apple, Twitter, New York Times, Lockheed Martin, you name it. And what we're seeing is that the industrialization of hacking that's happening right now, a lot of it is a being driven out of China, like the Manit [ph] reporter referred to last week. And with this happening, people have got to start realizing that the security game is not just putting up firewalls and deploying antivirus because I've got PCI compliance checklist get to through and things like that. This game is changing, and it's changing very rapidly, and if you are not paying attention, if you don't have a security technology that is developed to deal with the modern realities, then you're eventually going to have a really bad day or a really bad year because the average amount of time it takes for detection of an attacker who breaks into an environment is, according to the Manit [ph] report, on average, 356 days. So most enterprises, when they get popped, don't figure it out for almost a year. Imagine the damage that can be done at that time, and that's what we're doing. So we've built this AMP infrastructure so that people can figure out when they've been attacked using a variety of methods. Right? We have all the standard classic models for being able to detect malware, plus big data analytics for detecting previously unidentified malware, plus retrospective security. So if we identify malware later, we can see comprehensively what happened and continuously evaluate the health of our environment. This is what we talked about when we're talking about continuous capability. Every time a piece of malware operates, we have another opportunity to detect it. It's not like the classic model where, this data is presented to some security engine, the security engine makes a determination, good or bad, and if it misses something, it's gone forever. In the AMP model, every time this thing operates, we have another opportunity to detect it, and we have -- if we figure it out on our own that's something has gone wrong, we can simply click a few buttons and get rid of it. So this is a transitional model. We believe that security is transitioning to a continuous-model security as opposed to point-in-time security, which is the way that firewalls, Intrusion Prevention Systems, classic antivirus systems work. We believe that this transition to the -- this continuous-security model is happening, and FireAMP is very uniquely positioned in the market as being one of the pioneering technologies in this space. And the appliance, to answer your question --

Keith Weiss - Morgan Stanley, Research Division

To be fair I did ask you about 4 questions in 1 go.

Martin F. Roesch

And the appliance is -- essentially it's a device which has a network-based viewpoint that connects back to the cloud, forwards information about the movements of files over the network and being able to track them, essentially, as they move not just on desktops or end points or mobile devices, but also on the network. We've built a dedicated appliance because the initial introduction that we had was based on our IPS platform, so if you buy a Sourcefire FirePOWER platform that comes with IPS out-of-the-box, and then you turn on the -- as part of the deal, you would turn on the license for the Advanced Malware Protection. We thought it would make a lot more sense to kind of focus it down to the core function that a lot of people want, which is I've already got IPS infrastructure, don't sell me another IPS that has AMP. I just want AMP. Right? So they get a dedicated appliance, they can turn it on, they've got an AMP infrastructure up and running. And as we continue to feature up our network-based AMP capabilities, you will see these features come online in our existing customer deployments, and we'll get more and more capability on the network.

Keith Weiss - Morgan Stanley, Research Division

Got it. So just -- if you can, sort of give us a simple example, when we think about, like in New York Times which they detailed pretty well in the article and Symantec is saying, "Well if you use our software more effectively, they would have caught it." A, do you agree with that statement, and, b, what would FireAMP do differently?

Todd P. Headley

That's a pretty loaded question since Symantec is a partner of ours. I would say that, I think that they would have had limited success at detecting that no matter how they were configured.

Keith Weiss - Morgan Stanley, Research Division

But I mean they talk about behavioral analysis, they talk about, all these Advanced Malware Protection, so what's different in FireAMP that would have caught it?

Martin F. Roesch

The difference in FireAMP is the infrastructure that we've built on the back end. So Sourcefire is all about visibility and control, whether it be on our network devices or it be our AMP stuff, our Next-Generation IPSs, our Next-Generation Firewall. We proceed from this idea of visibility and control. So the fact that we can concentrate all this data in one place and keep it around for long periods of time, I don't think anybody else is really doing that, looking at it the way that we are. Symantec may or may not have been able to pick it up through behavioral analysis. I'm not deeply familiar with their behavioral analyzers, but the fact of the matter is that they had a -- probably New York Times is probably a high-profile customer that the technology, for whatever reason, was ineffective at detecting this particular threat. So it's kind of black eyes all around when people get compromised. And I think what we have to start understanding that getting compromised is a part of the game, you are going to be compromised. And if that is the game, you need to shift how you're going to consider how you're going to protect yourself. Right? It has to consist not just the technologies for building the biggest castle with the thickest walls, but now we've got to get into building prevention technologies that can stop attacks in real-time, when possible, when we can identify them, but we also have to have a game after an attacker has gotten in. So much of the world after an attacker has gotten in is this kind of this balkanized mess of technologies that are out there. You got Security Information Management, you've got forensics tools like Guidance Software, you've got full packet capture systems like NetWitness. You've got all those stuff out there. You've got Mandiant and Mandiant simply exists in the world after a compromise has happened. And there's no really best practices understood certainly in an automated fashion for being able to deal with these attacks. If you look at a lot of these systems, you have to know how to ask really complicated questions to get value out of them. The reason AMP exists is because AMP has tons of automation for being able to point out exactly the things that are important from a defender's viewpoint, and it's capable not just of recognizing the attacks by the fact that, hey this is a bad piece of software and I've seen it doing -- it has attributes of the bad of piece of software. Now we're also able to look at indicators of compromised and look at the behaviors of these pieces of malware over time, to flag them based on how they're acting in the environment, as well as just their compositions. So it's pretty interesting now because a lot of people aren't prepared to make this defense leap of saying, "Geez, I'm going to get compromised, how should I do it securely now?" This is up-and-coming stuff, it really is. And I think that over the next few years, there's going to be a big emission both in the security industry and from customers who are saying, "I need to have a much more effective capability versus a compromise that I have today. Because what I'm doing today is I'm calling for incident response and parachuting people in. I need a structured automated system for recognizing and countering outbreaks of malware in my environment that are actively seeking to compromise.

Keith Weiss - Morgan Stanley, Research Division

Got it. Got it. And the product initially went GA I think last fall, right? What's been the initial traction within your customer base? And how should we think about the up-sell opportunity? I mean, if you're doing some pricing because there is a sort of cloud service associated, you do move on to endpoint. How do you actually price with FireAMP?

Martin F. Roesch

So FireAMP, on the network, we have perpetual models for the dedicated appliances. And if you buy this FireAMP technology, as a license key add on to an existing deployment, that goes on a subscription model. For the endpoint and device connectors, those are on a per-receipt model. And then they -- there are efficiencies built into it as you buy more, essentially. So as far as penetration in a base, it's still early days. We would say about, what, 30% of our customer base is running FirePOWER at this point. We would say less than 10%, around the order of around 10% is running the AMP technology at this point. So it's -- it is very early days for the technology, but the promise that it's showing is very distinct. We talked about on the earnings call about a customer, we highlighted this customer case where we had a customer who was -- who detected some anomalous activity on their network using our network gear, and they have a full-blown FireAMP deployment. They had a nation state-level attack that happened. They were fully compromised from the top to bottom. They did a full FireAMP deployment. They got cleaned in about 3 or 4 days. So they're up and running, stable with FireAMP, and everything was running okay. They noticed some anomalies that were happening in the network environment so they pulled up their FireAMP console and started looking at what happened. And what has happened was, they get compromised by a Java exploit. So they identified the exploit from identifying the initial anomaly to identifying exactly what happened in 40 minutes, and cleaning it up, I think it went from 0 -- to clean in 40 minutes. Now what it turned out was that the compromise that they saw was, 2 days later, it was reported to the general public as the Java zero-day, came out back in January that everybody is getting hit by right now. So the fact that they went from being compromised by a previously unknown, unseen attack, to being clean from that attack, from the zero-day attack, in a 40-minute time frame, it's unheard of. It does not happen. Right? So we feel really good about what we built at Sourcefire. We've been very forward leaning, saying this is the way the technology is going, we believe this is the way the market is going to go because there is a distinct need here for a threat-centric security, and we're blazing that trail. And to have a customer-proof point, even in the early deployment at a small customer, it was this utility customer we talked about, it's absolutely huge. The stuff works, and it works really well and it lets you do things previously you could not do. You couldn't do these things 3 years ago, and we're able to do them at scale now.

Keith Weiss - Morgan Stanley, Research Division

Right. In terms of the -- for Todd, in terms of the FY '13 guidance, how much is built into that guidance for the ramp of the FireAMP?

Todd P. Headley

I was having fun listening to Marty talk. Just a little bit, again, Marty said, it's early days, it's largely a subscription model. We going to leverage our way by focusing on our install base first. Again, you need FirePOWER to run the network version, and so less than 30% of our install base today is running FirePOWER. And so we're approaching that segment of the market saying, "Hey for a small uplift you can get this added capability," as Marty has talked about, the power of the ultimate performance there. And we're going to get uptake demonstrations like the one with the utility company certainly helped, that news is going to get out and spread, and we think there'll be nice uptake. It's more of a 2014, 2015 driver, very little baked in, frankly, to the 2013 plan.

Keith Weiss - Morgan Stanley, Research Division

And the uplift versus just the Next-Generation IPS did you say 25% in uplift?

Todd P. Headley

It's 20%.

Keith Weiss - Morgan Stanley, Research Division

20%. Okay. Got it. And then you turning direction a little bit to the core IPS solution. Next-Generation Firewall, ETM's [ph] consolidating the IPS functionality, you guys are supposed to have them gone by now. And in most recent quarter, obviously, you proved that you're not. You're still growing very strong. What happened? Why did IPS persist and what keeps this market going strong for you guys?

Martin F. Roesch

So there's a market for the core IPS function as a stand-alone especially in best of breed environments in the Global 2000 environment that we primarily sell into. And when you look at the Global 2000, Sourcefire is currently in -- on the order of about 25% of the Global 2000, and that is our core market. So there is a need for high-fidelity solutions at the top end of the pyramid in terms of both the performance and capabilities that are required to give people the kind of capability that they need to be able to attack the problems that they have today. So that's what you're really seeing. And organizationally, in many cases, the guys who run the firewalls and the guys who run the IPSs are different people, especially in large enterprises. So I think you're seeing the perpetuation of that to some extent. There is a case to be made for consolidation of some of the stuff especially at the mid to lower end, and that's where you're seeing a lot of successes from the Fortinets and Palo Alto's of the world. But at the high end, the driver doesn't seem to be there as much, there's still a driver for best-of-breed, and people love our FirePOWER platform. They love the performance numbers that we post up and the fact that not only are we able to perform, but we're able to deliver the absolute best protection in the industry at those performance points. So that combination of having clearly the best-in-breed, best almost every way you can measure it in terms of -- you look at the NSS test, best protection, best performance, hardest to evade, best TCO. That makes a strong case for this is the technology -- due to our organizational structure this thing has legs and we'll keep going with it. And Sourcefire keeps bringing us new toys to the party basically. So if you bought a Sourcefire IPS on our first 8250 platform in April of 2011, you got an IPS. Today, on the exact same piece of hardware that still on the rack, you can run our IPS, Next-Gen IPS, Next-Gen Firewall, and our Advanced Malware Protection systems, all in the same piece of hardware. So I think there's a lot of things that are kind of driving the market to stay focused, especially threat-centric solutions like we have. Maybe you see it less in some of the other players that are out there, but for us, it's continued to drive the growth.

Keith Weiss - Morgan Stanley, Research Division

Got it. One of the things that we saw in most recent quarter was -- at least at the very high end. You talked about even the deals over $1 million, were relatively flat year-on-year, the gross value of those deals is up 37%.

Martin F. Roesch

37%.

Keith Weiss - Morgan Stanley, Research Division

Yes. On a year-on-year basis. To what extent did that sort of increasing deal size extend down the chain into all of your transactions? And what caused that? What's really pushing the deal values up for you guys?

Todd P. Headley

Well again, I think it's the flexibility of that FirePOWER platform. As Marty said, if you bought it 18 months ago, you ran it out of an IPS, today, you can run multiple things on it. So the dollar you may have spent could turn into $1.30 today, without doing a forklift upgrade on the hardware. So we did a lot of the analysis on the top deals because we knew that it looked a little flattish from a growth standpoint and sheer number of transactions. But we knew the dollars were a lot more. I would say that up and down the stack, that probably holds true, but we didn't do that deep-dive analysis to give you an exact number, what that looked like beyond the top deal.

Keith Weiss - Morgan Stanley, Research Division

Okay. So just from my view, a year ago guys were much more likely buying just IPS, now they're buying IPS, Next-Generation Firewall and perhaps AMP, and you're getting that top lift in these transaction sizes?

Todd P. Headley

That -- and I'll go back to what Marty said. We're viewed as a best-of-breed technology, and based on the NSS labs tests, people are making commitments to us based on that performance and the scalability, knowing they can turn an IPS box into a Next-Gen Firewall, with a small price increase, 2 or 3 quarters or even a year later. And I think that's adding to the value that we're bringing to a customer, and they're making larger initial purchases. And that's sort of the proof point that we wanted to demonstrate on the call.

Keith Weiss - Morgan Stanley, Research Division

Got it. I've got a ton more stuff to go through, but I wanted to make sure that I open it up for questions from the audience. Is there anything from the audience? Up here in front.

Unknown Analyst

Is there a microphone [indiscernible]?

Todd P. Headley

A microphone is coming.

Keith Weiss - Morgan Stanley, Research Division

There's the microphone. Right over here.

Unknown Analyst

Marty, you talked about how the AMP platform moves the state of the art from point-in-time detection to a continuous detection, and how it extends after the point of compromise. And you compared it a little bit to some of the existing solutions around SIEM and forensics so on. Do you see this over time as being complementary to platforms like SIEM and other forensic platforms? Or do you see this as, over time, really being the next-gen and the preferred approach for companies to do that?

Martin F. Roesch

I can see it being complementary in a lot of ways because of its focus on threats. So if you look at SIEM, SIEM exists for a lot of reasons. SIEM exists so you can have an understanding what your gear is telling you about what's going on in the environment. And that have a lot of value for a variety of reasons, some related to security, but others just created -- related to configuration for plans and things like that. So there's a bunch of applications for SIEM. SIEM is not particularly well-suited to being able to pick up a malware in the environment. Likewise, things like full packet capture systems, like the Guidance Software forensics package that you use to dig around on a system, I think those will continue to live. The AMP function, what it does is it allows you to have visibility into the operations of files on your endpoints of executable programs, moving around your endpoints and what they're doing. And it allows you to identify malicious stuff and clear it out. And that's a different function than a lot of the rest of this stuff. If I was to say what it's doing is it's starting to automate a lot of the tasks that an incident responder would try to do, but it has a persistence that people don't have. So it's not a services engagement where I run in the door and I fix you up and you're good to go, I give you your clean bill of health. This is something that stays in the infrastructure for good. And then when we figure out something has gone wrong, maybe it tells you something is fishy or maybe something else tips you off, you can get cleaned very quickly because it's not like we have to put the puzzle pieces back together, they're all right there for you. Here's a comprehensive history of everything that happened, clean it up. And that's the approach. So if I was to look at it from a competitive standpoint, I would say that it's almost not even competitive. I would say there would be a great augmentation for incident responders. I would say, possibly from a competitive standpoint, the people that should be most worried of the antivirus guys, because if you -- our stuff is designed to augment an existing antivirus deployment, but in a lot ways, as you get down the road with it, you'll probably start to figure out this antivirus doesn't actually do as much as it used to, and having this capability is kind of a primary capability that does a lot, and it's very effective against the actual threat environment that I face today. So maybe there's other dollars that I'm spending at other stuff that I can just pump into this. And we predict that's what's going to happen. If you look at the multibillion dollar AV market that's been getting a lot of kind of bad press lately, if I were put on my gardener for a minute, I would say there's -- some percentage of that market is going to move into, doing this advanced malware stuff, over the next call it 3 to 5 years, and maybe it's 10%, maybe it's 60%. And we'll see what that number ultimately looks like.

Unknown Analyst

[indiscernible] guidelines. So that's a little of a...

Martin F. Roesch

Yes.

Unknown Analyst

There's a little bit of friction there that makes that -- I agree with you conceptually, but the market friction with the compliance guidelines I think closed that.

Martin F. Roesch

And that's actually a very good point. We have big issues with the compliance regimes that are out there and also the organizational structures that are out there. If you look at a lot of large enterprise IT, what you'll see is that the CIO has a CISO who reports to him, who has a security team under him, who have different roles and responsibilities and people who actually specify and implement the infrastructure. And what that means ultimately is that the desktop guys can put together a pretty miserably bad desktop gold master that they distribute to all the employees, and when it gets compromised, it becomes the security guys' problem. How is this acceptable in the current environment where the table stakes for getting compromised are huge? Right? If you get compromised today, they will take everything that's not nailed down. And that's a huge problem. So I think there needs to be realignment across IT within these enterprises, and I think there needs to be a rationalization of spec-ing things like antivirus or firewall's or whatever. We see the majority of money in security are pumped into AV and firewalls. When was the last time a firewall stops an attack? When was the last time AV stops a zero-day? It doesn't happen very often. So I think there needs to be some rethinking of how we go after these problems.

Keith Weiss - Morgan Stanley, Research Division

Any additional questions? So there's one question that I want to make sure I got in. Because this is a question I probably get -- I've gotten most from investors since you guys put up your most recent print, and it has to do with the guide for the full year. The full year guide. You guys had typically, the past couple of years, talking about 20% growth. Going into the print I think there was a lot of concern around Sourcefire, particularly around federal government. And I was at a debate in the market with whether or not you guys are going to be able sustain that 20% guide. And you guys overachieved that. You guys came out with 25%. So the underlying question there is why? Why did you guys get more aggressive in sort of the forward guides then just had historically give in, the kind of, a, what you're seeing in the federal government and, b, sort of where the stock was?

Todd P. Headley

Sure. that's a very fair question. So to be clear, we've been always talking in the past, I think, 3 years about 20% or more, with a lot of emphasis on the or more. And then if you look at our demonstrated results, a year ago, we did 35%. That accelerated from 27% the year before that, and 26% the year before that. So the trajectory of this, at least 25% on the call was an indication of our confidence around the business, especially coming off a year where we did 35%. When we take a look at our pipelines, they're larger than they were a year or 2 years ago. We have more products in the bag, even though we've acknowledged here that we're early days in the Advanced Malware Protection market, and we're leveraging our way into the Next-Generation Firewall market, there is uptake there, there's a happy install base who is -- who are adopting the technologies. So just within the install base, there is capability to upgrade. And then you throw on top of that you have over 70% of the install base isn't running FirePOWER yet and they want to, as soon as the investment in the existing platform kind of reaches its end of life, from a depreciation cycle. And when you take a look at the consideration rates we're getting because of the NSS lab test, we're getting invited to more and more bake-offs. And so when you take a look at all of that, we sit down with our senior sales leaders and we look at the opportunities around the globe and there's enough critical mass there for us to see our way to that type of growth. And we wanted to recognize that. I think some in the marketplace have assumed we're getting disruptive, there are other companies have emerged on the market and they must be taking market share from us. Again, you just said why you're here, your demise was written a long time ago. The reality is we have been, and are being a disruptor. And there's plenty of market share for us to go get. Our TAM is at least 3x larger than it was a couple of years ago, it might be as much as 6x larger depending on how these markets come together and get defined. So there was really an acknowledgment of that. We are not opportunity constrained, we are building tons of capacity, a lot of that is internationally. Our #1 formula for success is time and territory. And I think what you're seeing in the international numbers, specifically, is that time and territory paying off. And these are investments we made conscientiously 2 or 3 years ago and we're continuing to make today, because there's a lot of white space we're not covering off.

Keith Weiss - Morgan Stanley, Research Division

Got it. And then just maybe just to flesh out there, the distribution investments real quick. Looking at just the number of partners added, it was much less than you have been adding historically, but that doesn't really tell the full story. Within those partners it's...

Todd P. Headley

It's capacity gain. Right now, if we didn't add another new partner, we believe we could build 2x to 3x the capacity, just in knowledge transfer, training, certification, comfort on selling our solutions. And so we're not in these numbers game, we really want quality because we know how much time it takes to do proper care and feeding of a partner, and it can be really disruptive if it's really just a numbers game, we can get defocused pretty rapidly.

Keith Weiss - Morgan Stanley, Research Division

Got it. So you do plan to continue that [indiscernible]?

Todd P. Headley

We do.

Keith Weiss - Morgan Stanley, Research Division

Excellent. Unfortunately, that takes us to the end of our time here, but thank you guys very much.

Todd P. Headley

Thank you.

Keith Weiss - Morgan Stanley, Research Division

It was a great discussion.

Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to www.SeekingAlpha.com. All other use is prohibited.

THE INFORMATION CONTAINED HERE IS A TEXTUAL REPRESENTATION OF THE APPLICABLE COMPANY'S CONFERENCE CALL, CONFERENCE PRESENTATION OR OTHER AUDIO PRESENTATION, AND WHILE EFFORTS ARE MADE TO PROVIDE AN ACCURATE TRANSCRIPTION, THERE MAY BE MATERIAL ERRORS, OMISSIONS, OR INACCURACIES IN THE REPORTING OF THE SUBSTANCE OF THE AUDIO PRESENTATIONS. IN NO WAY DOES SEEKING ALPHA ASSUME ANY RESPONSIBILITY FOR ANY INVESTMENT OR OTHER DECISIONS MADE BASED UPON THE INFORMATION PROVIDED ON THIS WEB SITE OR IN ANY TRANSCRIPT. USERS ARE ADVISED TO REVIEW THE APPLICABLE COMPANY'S AUDIO PRESENTATION ITSELF AND THE APPLICABLE COMPANY'S SEC FILINGS BEFORE MAKING ANY INVESTMENT OR OTHER DECISIONS.

If you have any additional questions about our online transcripts, please contact us at: transcripts@seekingalpha.com. Thank you!

Source: Sourcefire's CEO Presents at Morgan Stanley Technology, Media & Telecom Conference (Transcript)
This Transcript
All Transcripts