X
100233

With $775m Signal Sciences buy, Fastly blends security with edge computing

August 27 2020
by Craig Matsumoto, Daniel Kennedy, Scott Denne


Introduction


Content delivery network (CDN) provider Fastly has announced its first major deal with the purchase of web application firewall (WAF) firm Signal Sciences. The move should help the acquirer in the ever-escalating arms race for CDN security, where vendors such as Cloudflare and Akamai are strong. It also plays into the narrative of CDN edge computing, where Fastly is chasing the opportunity to give developers even more power to configure and control their security options on its platform.

Snapshot Snapshot

Acquirer

Fastly

Target

Signal Sciences

Subsector

Security

Deal value

$775m

Date announced

August 27, 2020

Closing date, expected

Second half of 2020

Advisers

Morgan Stanley and Union Square Advisors (Fastly); Qatalyst Partners (Signal Sciences)

The 451 Take

This transaction overlaps two trends among CDNs: edge computing and security. To the latter point, large CDNs are increasingly pitching themselves as security platforms. Cloudflare, which like Fastly is a younger CDN, might be best known for security, and Akamai, the oldest and largest of the CDNs, now generates one-third of its revenue from security. Fastly has always offered security features, but Signal Sciences represents a noteworthy boost in capabilities.

Edge computing is a natural fit for Fastly, as its CDN was built with developers and programmability in mind. The idea of letting users program the CDN has gained momentum quickly, however, and old-school CDN providers such as Akamai, Limelight and Verizon Media Platform (the former EdgeCast) have gotten more serious about catering to developers. Tying edge computing and security together more strongly could bolster Fastly's efforts on both fronts.

Deal details


True to its name, Fastly has wasted no time becoming a big-time buyer. Less than 18 months after its IPO, the CDN firm has inked its first acquisition, paying $775m for Signal Sciences. None of the other enterprise tech vendors in the 2019 IPO class have yet to print a nine-figure deal. According to 451 Research, the other members of that group have spent less than one-third of what Fastly is paying today for all of their transactions combined.

More typically, tech companies that go public make a handful of smaller prints before a sizable strategic bet. Palo Alto Networks and Splunk, for example, spent six years as public entities before they each did their first $500m-plus deals. But those vendors came public in a far more subdued market. Fastly stock has soared since the spring – its price has more than quadrupled since the start of May, according to S&P Market Intelligence.

And that surge has largely made today's transaction possible. Of the purchase price, only $200m will be paid in cash. The remaining $575m comes in Fastly shares. Just how many shares will depend on the average trading price near the close of the deal, and the amount is limited by a two-way collar.

What Fastly does share with Palo Alto and Splunk is a willingness to pay up for infosec providers. According to our estimates, Splunk has paid more than 20x trailing revenue for each of its three $100m-plus purchases, while Palo Alto paid north of 15x on at least seven of its 14 prints. Fastly paid 27.6x for Signal Sciences, a number that's partially explained by the target's growth. Signal Sciences posted $28m in annual recurring revenue as of the end of June, according to our understanding, which is nearly double the amount from 2018.

Qatalyst Partners advised Signal Sciences on its sale, while Morgan Stanley and Union Square Advisors banked the buyer.

Deal rationale


Signal Sciences should enhance Fastly's security portfolio as it brings some capabilities in-house – bot management, for example, which the acquirer has offered via a partnership with PerimeterX. But Fastly is also excited about the deal's implications for edge computing. In 2018, the vendor introduced a serverless function capability now known as Compute@Edge, which lets developers 'program' the CDN – adding code to customize functions such as a WAF. Fastly intends to add Signal Sciences to its forthcoming Secure@Edge offering, which will combine its security portfolio with Compute@Edge to expand developers' security options.

Target profile


Culver City, California-based Signal Sciences was founded in 2014 with a concept born out of the application security challenges its founders experienced and addressed at Etsy, where existing offerings were not keeping pace with the scale of the large online marketplace. Its primary product is a next generation WAF offered as a two-part service with a server or application-side installation and a cloud-based engine that evaluates data coming in and pushes rules down to the client-side installation.

This approach allows the WAF to leverage findings across Signal Science's universe of customers, creating a type of shared threat intelligence. The strategy has led to a reported 95% of customers running the WAF in blocking mode, a key difference from legacy approaches where blocking traffic was disabled at the first sign of a false positive, and many hardware-based appliances remained due to compliance requirements such as the original PCI Data Security Standard on application security.

Acquirer profile


Founded in 2011 and headquartered in San Francisco, Fastly offers a CDN aimed at developers. Its origin story is that founder Artur Bergman, formerly CTO at Wikia and a developer himself, got tired of working with CDNs and set out to build one to his liking. Thus, one of Fastly's early value propositions was the ability for developers to write their own code to configure the CDN – in contrast to a traditional CDN, which is a black box primarily serving an audience of content providers. The significance of Compute@Edge is that it allows for programming in multiple languages – the vendor's platform was always programmable, but it originally limited developers to the Varnish language. Fastly went public in 2019, and its full-year 2019 revenue was $200.5m.

Competition


With its WAF capabilities, Fastly vies directly with similar offerings from Akamai and Cloudflare, which generally also bundle related application protection capabilities such as bot detection/mitigation and distributed-denial-of-service protection. Cloudflare and Akamai pitch their offerings to some customers as security platforms first, and reaching for Signal Sciences could give Fastly stronger footing in those situations.

Beyond CDNs, the WAF space also includes incumbents such as F5 Networks and Citrix, whose application delivery controllers provide a logical install point for WAF capabilities. Fortinet, Imperva, Barracuda Networks and A10 Networks are contenders as well, along with cloud suppliers AWS and Microsoft Azure. Finally, the runtime application self-protection sector is competitive with WAFs and is sometimes a flavor of the way a WAF is deployed – players here include but are not limited to Contrast Security, Waratek, Micro Focus and Threat Stack.