Google today announced that it has agreed to acquire Mandiant for roughly $5.4 billion to bolster its cloud security.
Google noted that Google Cloud already offers a number of security services, including BeyondCorp Enterprise for Zero Trust, VirusTotal for malicious content and software vulnerabilities, Chronicle security analytics and automation and the Security Command Center risk management platform in addition to the company’s Cybersecurity Action Team.
“Organizations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” Google Cloud CEO Thomas Kurian said in a statement. “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”
“There has never been a more critical time in cybersecurity,” stated Mandiant CEO Kevin Mandia. “Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats. To that end, we are thrilled to be joining forces with Google Cloud. Together, we will deliver expertise and intelligence at scale, changing the security industry.”
Google envisions its security operations providing a central point of intelligence, analysis and operations across on-premises environments, Google Cloud and other cloud providers in multi-cloud environments.
“Google Cloud is deeply committed to supporting the technology partners of both companies, including the endpoint ecosystem,” the company stated. “This acquisition will enable system integrators, resellers and managed security service providers to offer broader solutions to customers.”
The merger is expected to close later this year.
Catching Up to Microsoft
There were reports that Microsoft was also interested in acquiring Mandiant, only to be outbid by Google.
That’s a good thing for Google, notes Forrester VP and Principal Analyst Jeff Pollard.
Pollard said Google Cloud “is playing catchup to Microsoft in cybersecurity and lacks its competitors’ inherent advantages in the enterprise: endpoint and active directory. That forces it to pay a premium and be more aggressive, which it signaled a willingness to do.”
He added that “significant gaps remain for the combined entity. Perhaps the most critical of those gaps is on the enterprise endpoint. GCP relies on EDR to complete its XDR offering, so we expect an EDR tool is next on its shopping list.”
Another Major Change for Mandiant
It’s been a tumultuous year for Mandiant, which split with FireEye last year. As Pollard put it, “After divorcing FireEye, Mandiant spent very little time being single as suitors lined up.”
FireEye then merged with McAfee’s enterprise business, and in January the merged entity was renamed Trellix, a name previously associated with Mandiant.
But even the FireEye-McAfee merger isn’t quite done yet, as McAfee’s enterprise cloud business will be spun off into a separate as-yet-to-be-named company.
Read next: Top Cybersecurity Companies for 2022