[Infowarrior] - FireEye Acquires Mandiant

Thu Jan 2 15:41:44 CST 2014

January 2, 2014
FireEye Computer Security Firm Acquires Mandiant
By NICOLE PERLROTH and DAVID E. SANGER

http://www.nytimes.com/2014/01/03/technology/fireeye-computer-security-firm-acquires-mandiant.html

SAN FRANCISCO — In a deal that may have broad repercussions for
companies and governments fending off sophisticated hackers and
state-sponsored digital attacks, FireEye, a provider of security
software, has acquired Mandiant, a company known for emergency responses
to computer network breaches.

The deal, in both cash and stock, is worth more than $1 billion, based
on the current value of shares in FireEye.

The acquisition, which closed Monday but was not publicly announced
until after the markets closed on Thursday, was the biggest security
deal of 2013. It merges two darlings in the $67 billion global computer
security market that together could form a formidable competitor to
antivirus giants like Symantec and Intel’s McAfee.

David G. DeWalt, FireEye’s chairman and chief executive, ran McAfee
before it was sold to Intel in 2010. Mr. DeWalt was rumored to be a
contender for the top job at Intel, but surprised company insiders when
he left to join FireEye in 2012.

Mandiant is best known for sending in emergency teams to root out
attackers who have implanted software into corporate computer systems.
Much of its work focused on attacks from China, and last year it made
headlines with a detailed study of a hacking group known as “Comment
Crew” that provided the strongest evidence yet that the hackers were
closely linked to a unit of China’s People’s Liberation Army, outside of
Shanghai.

The combination of the two companies – one that detects attacks in a
novel way, another that responds to attacks – comes as corporate America
has become wary of relying on the federal government to monitor the
Internet and warn of incoming attacks.

That wariness has increased since the revelations of Edward J. Snowden,
the former National Security Agency contractor who removed thousands of
documents before he took temporary refuge in Moscow.

The documents have made it evident to companies that the United States
monitors allies as well as adversaries, including friendly governments,
international organizations and the networks of some Internet companies.
Some of them could turn to companies like FireEye and Mandiant for
protection, an interesting twist since many of Mandiant’s employees come
out of the American intelligence world.

“After the Snowden events, in the current political climate, no one can
say to the government, ‘Please, come on in and monitor our networks,' ”
said Kevin Mandia, the founder of Mandiant who is becoming chief
operating officer of the combined company.

Mandiant is privately held, and the big winners in the acquisition will
clearly be Mr. Mandia, the company’s founder, and the company’s venture
backers. Mandiant has raised $70 million from Kleiner Perkins Caufield &
Byers, the venture capital firm, and One Equity, an investment arm of
JPMorgan Chase.

FireEye’s success so far has depended on a technology for detecting
attacks that works quite differently from most antivirus products. Most
antivirus products, both inexpensive versions for individuals and more
sophisticated filtering systems for companies, monitor the web and
identify malicious software that has already begun to hit victims around
the world.

But by the time the attack has been identified and blocked, the
malicious software has already had a chance to do damage — siphoning a
company’s trade secrets, erasing data or emptying a customer’s bank account.

FireEye’s software isolates incoming traffic in virtual containers and
looks for suspicious activity in a sort of virtual petri dish before
deciding whether to let the traffic through.

“The antivirus products are not working right now,” Mr. DeWalt said.
“Companies are spending tens of billions of dollars of their money on a
model that doesn’t work. It’s going to take people and products working
together.”

Mandiant was frequently called in after FireEye found malware. In those
cases, it used its own threat detection technology to determine where
the attack was coming from and to design countermeasures.

In an interview, Mr. Mandia and Mr. DeWalt said the combined company
would be able to notify its customers as soon as it detected abnormal
behavior, execute a temporary fix and then dispatch a Mandiant team to
take further steps. It will also give Mandiant more reach: FireEye works
with more than a thousand customers, including 40 state military
operations, around the globe.

Mandiant had $100 million in revenue in 2012, up more than 76 percent
from the previous year, helping hundreds of companies in the Fortune
500. Mandiant responded to attacks by Chinese hackers at The New York
Times and The Wall Street Journal last year. About 95 percent of its
business is domestic and it was just beginning to develop an
international presence.

In April 2012, the companies began teaming up on various product
initiatives. Last February, the two organizations began integrating
FireEye’s software with Mandiant’s threat detection products after
seeing that many of their customers were already deploying their
products and services together.

Then, a few months ago, the two chief executives started talking about a
deal.

On Monday, the boards of both companies agreed to the terms of the deal,
in which FireEye will pay Mandiant shareholders $106.5 million in cash
and 21.5 million shares and options.

Under the deal terms, Mandiant will become an operating subsidiary of
FireEye, and Mr. Mandia will oversee FireEye’s services, cloud and
endpoint security operations.

Mr. Mandia said that before initiating acquisition talks, he had
considered taking Mandiant public. He said he began to warm to the idea
of an acquisition in the last few months, when he saw that FireEye’s
detection products would be a “natural fit” for Mandiant’s expertise in
responding to breaches.

The market has already shown an enthusiasm for FireEye’s products. Since
the company made its debut on the Nasdaq last September, the company’s
stock price has more than doubled, a big gain for FireEye’s founder,
Ashar Aziz, a former Sun Microsystems engineer who started the company
in 2004, and venture capital backers like Norwest, Sequoia Capital and
In-Q-Tel, the venture arm of the Central Intelligence Agency.

FireEye now has a $5 billion market capitalization, though it has yet to
turn a profit.

On Thursday, when the company announces the Mandiant acquisition, it
will also announce that it has exceeded its fourth-quarter revenue
guidance to analysts. The company had anticipated revenue of $52 million
to $54 million.

Nicole Perlroth reported from San Francisco and. David E. Sanger from
Weston, Vt.

-- 
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.