SolarWinds, the observability and IT management software vendor best known for changing the conversation about supply chain vulnerabilities after the 2020 SUNBURST attack targeting certain versions of its Orion management tools, is being acquired by private equity firm Turn/River Capital for $4.4 billion.
Under the terms of the deal, SolarWinds will become a privately held company and its common stock will no longer be listed on the New York Stock Exchange. SolarWinds, which is based in Austin, Texas, will continue to operate under the SolarWinds name and brand under the terms of the deal.
Turn/River Capital said in a statement that it intends to accelerate growth and further innovation at SolarWinds through the acquisition, but a company spokesperson declined to comment further beyond its press release on the deal. A spokesperson from SolarWinds also declined to answer questions about the deal from ChannelE2E, including how it will affect customers and whether the sale was influenced by the earlier security breach.
Analysts: Not A Surprising Move
Jack E. Gold, the president and principal analyst at J.Gold Associates, LLC, told ChannelE2E that “traditionally, companies like Solar Winds that are acquired by an equity capital company are acquired because their sales are stalled and/or falling, often due to some ‘trauma’ in the market” or because they are losing market share.
“Often, the private equity firm will try to strip away the extraneous and take the core and merge it with other properties it has to make for a larger company. It can then do an IPO,” said Gold. “The fact that the SolarWinds [investors] approve this means they do not see a long-term return on their investments and want an exit.”
In SolarWinds’ case, its 2020 breach had serious impacts when Russian hackers secretly injected hidden malware into company updates for SolarWinds’ Orion application. Those undetected changes to the software updates were then installed – many automatically – on customer systems and inserted the corrupted code into user systems. The attackers were able to steal data and spy on organizations through Orion by targeting and illegally changing the core code in a massive software supply chain attack. The breach inspired new ideas in software security through principles such as “secure by design,” which encourages integrating software security steps as software is built, not just added at the end.
Affected organizations included the U.S. Commerce and Treasury Departments, the Department of Homeland Security, the National Institutes of Health, the State Department, and consulting, technology, telecom, and oil and gas companies in North America, Europe, Asia, and the Middle East.
SolarWinds also previously had an MSP platform called SolarWinds MSP, which was not involved in or impacted by the 2020 breach. That platform was rebranded and later spun off into a standalone company, N-able, that continues today.
Another analyst, Shelly Kramer, principal analyst with Kramer&Co., told ChannelE2E that while the acquisition may be good for SolarWinds and its investors, it may be a different story for customers.
“Whenever private equity is involved, it is not a good deal for customers,” said Kramer. “Private equity has one goal: To increase profitability. To increase profitability, private equity typically means drastically reducing costs and staff, paring back parts of the company or completely breaking them off, getting what they can, and waltzing off.”
And making things more complicated for SolarWinds, public perception of the company “has been forever damaged by the 2020 hack, which has had an outsized impact on the company's foundational identity and reputation,” said Kramer. “I do not know that anyone has ever regained complete confidence in the company post-hack, and the enormity of that supply chain attack remains an ongoing part of the cybersecurity discussion worldwide. I am also not certain the company did everything it might have to restore consumer confidence post-occurrence.”
In October 2023, the U.S. Securities and Exchange Commission (SEC) filed charges against SolarWinds' CISO Timothy G. Brown for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleged that, from at least its October 2018 initial public offering through at least its December 2020 announcement about SUNBURST, SolarWinds and Brown defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.
Most claims against SolarWinds and Brown were dismissed in July 2024, when a judge ruled that the SEC's attempt to apply accounting rules to cybersecurity processes was "not tenable," effectively limiting the regulatory body's reach in this domain.
The SUNBURST breach was so well known that “people are never going to forget it,” said Kramer. “This [acquisition] is probably deemed a good move for SolarWinds investors, which is why it was approved. They want their money.”
The company’s move from a public to a private company may not be good for customers, she said. “Stringent reporting requirements will no longer play a role in keeping CISOs informed about the long-term viability of the company,” said Kramer. “No shareholder pressure, no regulatory requirements, no insight into company performance will be the new reality.”
SolarWinds was founded in 1999 and made its first IPO in May 2009. The company was traded on the New York Stock Exchange (NYSE) until February 2016, when current owners Silver Lake and Thoma Bravo purchased it for $4.5 billion and took it private. After 32 months, SolarWinds went through its second IPO in late 2018.
More Details on the SolarWinds Acquisition
The $18.50 per share all-cash deal represents a premium of about 35% over the volume-weighted average closing price of SolarWinds stock for the 90 trading days that ended on February 6, 2025, according to the company.
The transaction, which is expected to close in the second quarter of 2025 subject to customary closing conditions, was unanimously approved by the SolarWinds’ Board of Directors and by its Thoma Bravo and Silver Lake majority shareholders. Turn/River Capital, the new owner, was founded in 2012 and is based in San Francisco.
Goldman Sachs & Co. LLC was the lead financial advisor to SolarWinds, while Jefferies LLC served as a financial advisor. DLA Piper LLP (US) represented SolarWinds as a legal advisor. J.P. Morgan, Barclays, Santander, and RBC Capital Markets served as financial advisors for Turn/River, while Kirkland & Ellis LLP was the legal counsel.
