Cloud-based patch management and vulnerability remediation provider, Action1, has confirmed the company’s plans to stay founder-led days after the company received an acquisition offer from CrowdStrike at a valuation of close to $1 billion.
The decision to stay independent was mostly taken in favor of the brand keeping full control of its operations and not letting the dilution from an acquisition impact the brand’s “ability to innovate.”
“As a fast-growing company, it’s natural that we’ve attracted a lot of M&A interest from various companies,” said Mike Walters, president and CEO of Action1. “However, we believe the potential in our market is enormous, and we didn’t want to give up our independence. We realized we could build something truly successful and impactful without becoming part of a larger company.”
CrowdStrike was presumably eying Action1 as it needed serious help with its patching routines in the face of the recent Falcon fiasco. Notably, CrowdStrike has so far declined to comment on the acquisition discussions with Action1, saying the company refrains from responding to “rumors and speculations.”
Customer sentiments were a deal-breaker
When asked about the reasons Action1 considered while deciding to decline the buyout offer, Walters said “customer trust” was a leading factor.
“When the leaked email about a potential acquisition by CrowdStrike made the news, many of our customers were disappointed,” Walters said. “We saw a lot of comments on Reddit and LinkedIn, and the overwhelming consensus was that we should stay independent. That was a big vote of confidence for us, reaffirming our belief in our strategy to remain independent.”
Hours after the CSO exclusive on the potential deal went live, several users submitted their disapproval on Reddit. One wrote, “Oh god I hope not. Action1 is my personal RMM (remote monitoring and management) at this point”, while user another said, “This would be a great acquisition for CS, but will probably suck for a lot of us.”
Action1 users mostly feared the deal would see CrowdStrike taking apart some of their favorite Action1 offerings including free patch management for the first 100 endpoints. The users, on Reddit, unanimously agreed that CrowdStrike would probably put all free offerings behind a paywall. “RIP Action1, great product you will be missed!” one of them had written.
What the future holds
If nothing, the recent developments have fired up Action1, now wanting to deliver doubly on its brand promises.
“We want to stay focused on solving the challenge of patch management, which we believe has never been properly addressed, even though many companies have tried,” Walters added. “Our goal is to ensure that no vulnerability gets exploited if a patch is available — it’s that simple.”
Most of the breaches and ransomware attacks are routed through a vulnerability that remains unpatched for far too long, he explained.
Talking about what options CrowdStrike has after Action1’s refusal, Walters said that there is no dearth of suitable partners for CrowdStrike. “The patch management space is highly competitive, with numerous vendors claiming to offer solutions,” he noted. “However, many of these vendors rely on OEM products rather than developing their own solutions. For example, Ivanti, formerly HEAT Software, provides an OEM module that many products use.”
Emails sent to CrowdStrike for comments on the development did not elicit a response till the publishing of this article.