• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

St. Paul, Minn.-Area Software Security, Consulting Firm Sees Patchwork Profits

Posted on: Monday, 30 June 2003, 06:00 CDT

Jun. 29--Failure pays off. At least, it does for Mark and Rebecca Shavlik and their 10-year-old software security and consulting company, Shavlik Technologies.

The company designs programs that patch security holes in Microsoft products. Given that there are millions of lines of code in any product, opportunities for failure abound.

In each cubicle in the basement of Shavlik Technology's bungalow office in White Bear Lake are whiteboards chock full of dense, scribbled software equations and funny sayings like "I am the king of the squirrels!" To the unschooled eye, it looks all very geeky and maybe a bit dull, like applying the software equivalent of Spackle to smooth out gaps and lumps in digital drywall.

Super Bowl weekend in January provided plenty of unexpected entertainment, though.

A malicious piece of computer code nicknamed Slammer had ripped across the Internet early that Saturday morning. It burrowed into database computers through a hole in a Microsoft database manager program. As Slammer multiplied, servers with databases in banks, government offices and even police and fire 911 call centers ground to a halt. Web traffic sputtered and stalled.

The Shavliks saw the news about Slammer on CNN. They raced to the office and worked with their staff through the weekend, giving away more than four million free versions of their patch management program called HFNetChk as well as selling an industrial strength enterprise version from the Microsoft Web site, where Slammer victims were going for information.

It was a marketing coup.

HFNetChk's name appeared on tens of thousands of Web pages linked to information about the worm. If frantic corporate information technology managers didn't know the company before, they quickly learned as they downloaded Shavlik's free patches or paid for its more feature-laden enterprise program.

"That's our competitive club," Mark Shavlik said. "We're the company that Microsoft chooses for its security. I mean, wouldn't you want to use the company Microsoft uses?"

The company had partnered with Microsoft to develop its "Hot Fix Net Check" patch manager for Microsoft's products two years ago.

HFNetChk, which everyone pronounces "Huf-Net-Check," is not a consumer-oriented product, but it's well-known among system administrators.

The relationship spared Microsoft the cost of developing patches on its own. It allowed Shavlik to leverage Microsoft's considerable marketing reach to sell its product, said the company's chief financial officer, Rebecca Shavlik.

It's a winning formula that Shavlik has followed since it began 10 years ago as a one-man consulting company. The couple has leveraged bank loans and their own money, but unlike a lot of tech start-ups in the go-go '90s, it has never leaned on venture capital money while it looked for a way to make real money. Instead, it's cut original equipment manufacturer or OEM agreements like the one with Microsoft to run a self-sustaining operation from day one.

Shavlik has made money every year, except for 2001, a horrible year for all technology companies. That year, it had positive cash flow but missed profitability by 1 percent, said CFO Rebecca Shavlik.

Shavlik Technologies regained profitability in 2002 -- it would discuss specifics -- while generating $4 million in revenue. Since then, interest in its patches has grown so much that its revenue in the first half of this year has surpassed last year's total. The company expects to see $10 million in revenue by the end of December.

If it sounds like the Shavliks had an inside edge at Microsoft, they do. Mark Shavlik knows Microsoft literally inside and out.

He worked for Microsoft as a young software design engineer and manager for five years from 1986 to 1991, including on the team that turned out the first version of its Windows NT program.

He joined right before Microsoft went public and left at the age of 28 after his first five-year stock vesting period, one of many Microsoft mini-moguls.

Some of his friends left too, and like him, started their own companies -- "Baby Bills," they were called, after Microsoft founder Bill Gates.

Yet of his small circle, Mark Shavlik says he's the only one with a company still standing after the tech economy cratered. Two closed their doors and walked away. One broke even selling his firm to Microsoft's arch rival, Oracle, he said.

The Shavliks, on the other hand, are planning to move from their cramped bungalow offices on White Bear Parkway to bigger office space in Roseville at the end of the summer.

The couple isn't worried about competitors, all of comparable size, but Mark Shavlik says he expects the big boys of security software like Computer Associates, Network Associates and Symantec to start offering software patch management programs of their own next year.

"It's going to be a very dynamic market next year," he said. "But they're going to be at version 1.0, and we're going to be at version 5.0. That's a big advantage for us."

-----

To see more of the Saint Paul Pioneer Press, or to subscribe to the newspaper, go to http://www.twincities.com/mld/pioneerpress.

(c) 2003, Saint Paul Pioneer Press, Minn. Distributed by Knight Ridder/Tribune Business News.

MSFT,

More News in this Category