Google to Acquire Mandiant; EDR Acquisition Next?

Google today announced that it has agreed to acquire Mandiant for roughly $5.4 billion to bolster its cloud security.

Google noted that Google Cloud already offers a number of security services, including BeyondCorp Enterprise for Zero Trust, VirusTotal for malicious content and software vulnerabilities, Chronicle security analytics and automation and the Security Command Center risk management platform in addition to the company’s Cybersecurity Action Team.

With Mandiant, Google broadens its offerings with an XDR platform, threat intelligence, incident response, automation and managed detection and response (MDR).

“Organizations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” Google Cloud CEO Thomas Kurian said in a statement. “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”

“There has never been a more critical time in cybersecurity,” stated Mandiant CEO Kevin Mandia. “Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats. To that end, we are thrilled to be joining forces with Google Cloud. Together, we will deliver expertise and intelligence at scale, changing the security industry.”

Google envisions its security operations providing a central point of intelligence, analysis and operations across on-premises environments, Google Cloud and other cloud providers in multi-cloud environments.

“Google Cloud is deeply committed to supporting the technology partners of both companies, including the endpoint ecosystem,” the company stated. “This acquisition will enable system integrators, resellers and managed security service providers to offer broader solutions to customers.”

The merger is expected to close later this year.

Also read: SIEM vs. SOAR vs. XDR: What Are The Differences?

Catching Up to Microsoft

There were reports that Microsoft was also interested in acquiring Mandiant, only to be outbid by Google.

That’s a good thing for Google, notes Forrester VP and Principal Analyst Jeff Pollard.

Pollard said Google Cloud “is playing catchup to Microsoft in cybersecurity and lacks its competitors’ inherent advantages in the enterprise: endpoint and active directory. That forces it to pay a premium and be more aggressive, which it signaled a willingness to do.”

He added that “significant gaps remain for the combined entity. Perhaps the most critical of those gaps is on the enterprise endpoint. GCP relies on EDR to complete its XDR offering, so we expect an EDR tool is next on its shopping list.”

Also read: Top Endpoint Detection & Response (EDR) Solutions

Another Major Change for Mandiant

It’s been a tumultuous year for Mandiant, which split with FireEye last year. As Pollard put it, “After divorcing FireEye, Mandiant spent very little time being single as suitors lined up.”

FireEye then merged with McAfee’s enterprise business, and in January the merged entity was renamed Trellix, a name previously associated with Mandiant.

But even the FireEye-McAfee merger isn’t quite done yet, as McAfee’s enterprise cloud business will be spun off into a separate as-yet-to-be-named company.

Read next: Top Cybersecurity Companies for 2022

Paul Shread
Paul Shread
eSecurityPlanet Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including award-winning articles on endpoint security and virtual data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Top Products

Related articles