On 25 October 2005 Sourcefire Inc, which makes internal security products and sponsors the open source Snort intrusion detection engine invented by its CTO, Marty Roesch, filed its intent to go public with the SEC. We’ve all been watching the prospective IPO with bated breath.

Sourcefire would be the first security IPO for some time, and its success - or, uh, not - will be a helpful indicator to vendors wondering whether going public is, once again, a viable exit. It’s also, we’re keenly aware, an IPO of a company which has demonstrated commitment to open source issues. If Sourcefire’s IPO goes well, it has the potential to energize companies innovating and supporting commercial adoption of open source.

In the Risks section of Sourcefire’s we - like some others - noticed mention of a lawsuit filed by PredatorWatch Inc (now NetClarity), that accuses Sourcefire, Roesch, and three general partners of Inflection Point Ventures of theft of intellectual property and unjust enrichment.

While Sourcefire’s products rely on a significant amount of proprietary technology, Snort still plays an important part of what Sourcefire does, and Sourcefire sponsors open source development of Snort. The lawsuit, however, does not relate to Snort, but rather to those proprietary technologies.

We’ve read the court filings and reviewed press releases from Sourcefire plus historical website caches from PredatorWatch’s websites. We have no opinion as to the merits of the case. We do note the irony of an open source company being sued over an intellectual property dispute.

In court filings, among other things, it seems that PredatorWatch is asking this question: Did Check Point discover anything in its due diligence – the process investigating the provenance of the technologies Check Point was buying - which might relate to the lawsuit?

The suit alleges that after PredatorWatch approached Inflection Point Ventures in June 2004 for an investment and possible partnership with Sourcefire, IPV called in Roesch to review PW’s technology. IPV admits PW gave it a slide deck marked ‘Corporate confidential and trade secret’ and ‘Copyright,’ and that PW CTO Gary Miliefsky presented it to IPV. It admits Miliefsky told IPV that PW had patent applications pending. PW claims the presentation contained confidential and proprietary trade secret information about architectural features and operational mechanics of its product. The suit claims that a year later, Sourcefire upgraded its RNA/3D system to provide this functionality.

The response in court filings is unambiguous: IPV denies showing the information to Roesch; Roesch denies the key conversation that Miliefsky says took place between them, and also denies seeing anything confidential of PW’s. Sourcefire denies all substantive accusations.

What got our attention in the first place was the S-1 filing, which says:

On May 22, 2006, we answered the plaintiff’s complaint and denied each and every count contained in the plaintiff’s complaint … Our defense of this litigation, regardless of the merits of the complaint, has been, and will likely continue to be, time consuming, extremely costly and a diversion of time and attention for our technical and management personnel. Through September 30, 2006, we have spent approximately $174,000 in legal fees and expenses on this litigation and expect to incur substantial additional expenses even if we ultimately prevail. In addition, publicity related to this litigation has in the past, and could likely in the future, have a negative impact on sales of our RNA products. Sales of our RNA product amounted to $4.5 million and $2.6 million for 2005 and the nine months ended September 30, 2006, respectively.

No party to the suit would comment for the Market Development report we published in our Market Insight Service yesterday.

The suit was filed on 22 February 2006, and initially listed Check Point as an equitable attachment’ defendant. Some time after Check Point pulled out of the deal on March 29, citing national security concerns by US regulators, Check Point’s name was dropped from the suit.

[Today, Check Point announced that CFIUS approved its $20m acquisition of Sourcefire competitor NFR Security.]

Regardless of this case, entirely as a separate principle, learning to manage IP during all stages of development is vitally important for any company, and will become increasingly more important – and more complicated – as enterprises adopt open source technologies.