The cybersecurity threat landscape thrives on intelligence, which is a key factor driving the first big security acquisition of 2014.
Security vendor FireEye is acquiring privately held Mandiant in a cash-and-stock deal worth $1 billion. FireEye will pay $106.5 million in cash and issue 21.5 million shares and options to acquire Mandiant. Kevin Mandiant, founder of Mandiant, will become the chief operating officer (COO) at FireEye.
"Mandiant is a gold standard in the security industry and is often the first call that is made when a serious breach has occurred in an organization," FireEye CEO Dave DeWalt said on a briefing call. "Strategically, Mandiant brings us closer to the breach when it occurs, and we believe that this is critical to increasing the pull for our products."
The acquisition of Mandiant is all part of DeWalt's plan to expand the global infrastructure and footprint of his company. DeWalt noted that at the beginning of 2013, FireEye raised $50 million in funding to help fuel growth. FireEye is not expected to release full financial results for the year until February 11, though preliminary guidance released by the firm yesterday indicates some very positive trends. FireEye expect total revenue for 2013 to come in between $159 and $161 million, above analyst estimates. FireEye (NASDAQ: FEYE) shares soared 30% on the deal and sales figures.
FireEye and Mandiant began collaborating two years ago, according to DeWalt, and in 2013 announced a formal integration that includes the Mandiant Incident Response (MIR) platform with FireEye's solutions. Mandiant also has a core repository called Nucleus that tracks adversary characteristics and behaviors.
DeWalt stressed that there are many synergies between the two companies, enabling what he said is a robust end-to-end solution that provides the most advanced threat intelligence system in the world. Both FireEye and Mandiant have their own intelligence capabilities and DeWalt expects that the combined offering will be able to detect both known and unknown threats.
"Some of the most important Fortune 500 companies now run this combined offering in production," DeWalt said.
Looking forward, DeWalt said that in first quarter of 2014, FireEye will begin to offer a next-generation Intrusion Prevention System (IPS) that leverages the advanced capabilities of Mandiant.
DeWalt also expects there to be new opportunities to sell to Mandiant's user base as well as expanding the global reach of the company. Mandiant has 500 customers, of which FireEye shares only 20 percent. FireEye has 1,500 customers currently and there is less then 10 percent overlap with Mandiant.
"Today Mandiant has less than five percent of its sales outside the U.S and this will be a key synergy opportunity for the combined company," DeWalt said.
Kevin Mandiant noted during the call that in the modern security threat landscape, there is often a significant lag time between the time of a breach and when an enterprise actually responds and remediates the breach. He said that in his view, it's a natural fit to combine his company's technology with FireEye to respond to and contain security incidents.
"The combined organization helps Mandiant and FireEye complete the mission we both set out independently to accomplish, which is to eliminate the consequences of security breaches whether by preventing them in the first place or remediating them before an attacker can accomplish any of their goals," Mandiant said. "We absolutely believe that the combined Mandiant FireEye team creates the best threat intelligence sensor grid in existence."
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist