- The DevOps company JFrog announced Tuesday that it’s acquiring the security startup Vdoo.
- Analysts say they expect more M&A in the DevOps space as competition heats up.
- These mergers benefit customers that prefer to buy into single platforms versus multiple tools.
- See more stories on Insider’s business page.
On Tuesday, the $4.3 billion software management company JFrog announced plans to buy the security startup Vdoo for $300 million and analysts say it’s the start of an incoming wave of consolidation in the DevOps industry.
DevOps, a term that combines “development” and “operations,” aims to help companies secure, test, and release code faster. While DevOps tools were initially aimed at developers through open source software, companies have increasingly sprung up to focus on selling to the C-Suite.
And now that it has become a mainstream category, competition is heating up. Cloud providers like Amazon Web Services and Microsoft are rolling out DevOps tools to challenge independent software vendors, while developer companies like GitHub, GitLab, and Atlassian are building new capabilities or acquiring startups, too.
All of this will “continue to put pressure on niche players,” according to Forrester principal analyst Charles Betz, because most customers would prefer to get all of their tools from one platform rather than buying from several different companies.
“There’s so many darn tools and platforms and vendors that anytime there’s consolidation in DevOps, the market sort of cheers,” Jay Lyman, senior research analyst at S&P Global, told Insider. “It’s one less decision I have to make. It’s one less option I have to offer developers and DevOps teams.”
Last year, XebiaLabs and CollabNet converged to form Digital.ai and Microsoft’s GitHub acquired NPM. In May, ServiceNow announced it would acquire the monitoring company Lightstep and CircleCI acquired the release platform Vamp.
Analysts think the trend will continue:
“Certainly we expect there to be a fair amount of consolidation and acquisition activity,” Thomas Murphy, senior director analyst at Gartner, told Insider. “Part of this is driven by companies and the need to grow. Part of this is that organizations need more complete solutions.”
The SolarWinds breach also highlighted how too many siloed DevOps tools from different vendors can lead to greater security risks, since there are more avenues for hackers to attack your company, according to Forrester’s Betz.
“If you really are that new organization trying to start a DevOps journey, why would you buy tools from five different vendors?” he said.
That’s actually in part why JFrog – which went public last September – decided to acquire Vdoo: Right now, customers often have to choose between several security solutions, so JFrog wants to build a holistic solution that helps developers both secure and release their code during each stage of development, JFrog cofounder and CEO Shlomi Ben Haim said. He expects JFrog to acquire more companies in the future to help prevent major security hacks.
“This is a great opportunity to add 100 people to the company with the same DNA and the same vision,” Ben Haim told Insider.
Gartner’s Murphy also generally expects to see more mid-sized companies make acquisitions in AI-based analytics, cloud tooling, security, and cloud support to keep up with giant enterprises like Amazon and Google that can build similar functionalities: “Those to me are the places where any player in the market is going to need to make acquisitions, not just build things on their own.”