The ITAM Roundup: 2/16/25

roundup Feb 16, 2025

📰 News

Crayon looking for public sector growth

Crayon reported solid Q4 financials with a 2% year-over-year increase in gross profit and revenue, but lower-than-expected profit margins due to weaker enterprise software sales, Microsoft licensing changes, and a growing focus on lower-margin public sector contracts. CEO Melissa Mulholland emphasized plans to expand Crayon’s public sector business internationally, targeting 15-20% gross profit growth in 2025 while strengthening partnerships with AWS and Google Cloud. The firm remains optimistic about its upcoming merger with SoftwareOne, expected in June, which is projected to create significant value for shareholders, customers, and employees.

Private equity firms reportedly competing to buy cybersecurity provider Trend Micro

Several private equity firms, including Bain Capital, Advent International, EQT AB, and KKR, are reportedly competing to acquire cybersecurity provider Trend Micro, which has a market capitalization of $8.54 billion. Following the news, Trend Micro’s stock surged 16% on the Tokyo Stock Exchange, though the company may still choose to remain independent. Trend Micro, known for its Vision One cybersecurity platform and AI-powered security tools, reported a 6% revenue increase in its latest quarter, while potential buyers have a history of acquiring cybersecurity firms.

SAP snared in revenue trap unless it extends legacy ERP support

SAP faces a major revenue risk as many customers resist migrating from ECC to S/4HANA, with Gartner estimating nearly a quarter of SAP’s ERP user base will still be on ECC in 2030 when extended support ends. Customers are weighing costly migrations against third-party support options, which are cheaper but come with limitations, while SAP remains firm on its deadlines yet hints at cloud subscription transitions. Ultimately, SAP must decide whether to maintain its strict cutoff dates or reconsider its strategy to retain high-margin support revenue from customers reluctant to move.

Report: Dell close to inking $5B+ AI server deal with xAI

Dell Technologies is reportedly in advanced talks to sell over $5 billion worth of AI servers to Elon Musk’s xAI, which is expanding its Colossus supercomputer. The deal would involve servers based on Nvidia’s GB200 Grace Blackwell Superchips, designed for high-performance AI workloads. If finalized, the agreement could contribute to Dell’s projected $14 billion in AI server sales by early 2026, driving a 40% year-over-year increase.

Informatica plunges 33% on revenue miss, citing ‘internal issues,’ but says underlying business is strong

Informatica's stock dropped over 33% after missing revenue expectations due to internal sales issues and a faster-than-expected customer shift to the cloud, which impacted maintenance revenue. The company attributed the revenue shortfall to lower subscription renewals and accounting adjustments related to cloud migrations, though cloud subscription ARR continues to grow at nearly 30% annually. CEO Amit Walia framed the setback as temporary, citing strong long-term fundamentals, AI-driven demand, and plans to address incentive-related challenges without major organizational changes.

📖 Tips

How CASB transforms SaaS discovery and security from day one

The rapid adoption of SaaS applications creates security and compliance challenges due to shadow IT, unrecognized usage patterns, and incomplete discovery methods. Cloud Access Security Broker (CASB) solutions address these issues by providing real-time visibility into SaaS activity, optimizing application usage, and strengthening security. Flexera SaaS Management integrates CASB to unify discovery sources, accelerate insights, and future-proof SaaS management, enabling organizations to proactively control their cloud environments.

Moving Off VMware? 5 Things That Can Ruin Your Migration

Migrating from VMware following Broadcom’s acquisition is complex and fraught with risks, including application compatibility issues, hidden costs, security vulnerabilities, and lack of dependency visibility. Organizations often underestimate migration costs and testing requirements, leading to service disruptions and performance degradation. Careful planning, thorough testing, and comprehensive visibility into IT infrastructure are essential for a smooth and secure transition to alternative platforms.

Best software asset management (SAM) tool of 2025

The best software asset management (SAM) tools of 2025 help businesses optimize software usage, track licenses, and reduce costs. Top picks include ManageEngine AssetExplorer for affordability, SysAid for automation, Atera for enterprises, Flexera for ease of use, and Asset Panda for customer support, each offering unique strengths in managing IT assets efficiently. When choosing a SAM tool, factors such as cost, ease of use, automation, reporting capabilities, and customer support should be considered to ensure seamless integration and long-term value.

FinOps: Optimizing the Relationships Between Banks and the Cloud

FinOps, or cloud financial management, is becoming essential for financial institutions as they optimize cloud infrastructure, manage costs, and align technology with business goals. Banks like Capital One are leveraging FinOps to integrate AI-driven solutions, streamline operations, and enhance financial services while reducing computing costs and energy consumption. As financial institutions increasingly adopt cloud-based and AI-powered solutions, FinOps plays a critical role in balancing resource management, cost efficiency, and innovation, particularly for larger banks with complex product offerings.

🐛Bugs & Exploits

PostgreSQL flaw exploited as zero-day in BeyondTrust breach

Attackers exploited a PostgreSQL zero-day (CVE-2025-1094) alongside another vulnerability (CVE-2024-12356) to breach BeyondTrust in December, compromising 17 Remote Support SaaS instances and leading to a U.S. Treasury Department breach. The Treasury attack was linked to Chinese state-backed hackers, Silk Typhoon, who targeted sensitive government data related to sanctions and foreign investments. Although BeyondTrust patched CVE-2024-12356, Rapid7 found that the underlying PostgreSQL flaw remained unaddressed but was still mitigated due to additional input sanitization.