FireEye has acquired privately-held iSIGHT Partners, a provider of cyber threat intelligence for global enterprises, for $200 million in cash. The transaction closed on January 14, 2016. Additionally, the former iSIGHT shareholders will have the opportunity to earn an additional amount of $75 million in cash and equity upon the achievement of a threat intelligence bookings target on or before the end of FireEye’s second quarter of 2018.
The iSIGHT intelligence network monitors and mines global cyber threat development and thousands of threat actors. iSIGHT’s nearly 350 dedicated staff includes more than 250 cyber threat intelligence experts across 17 countries, covering 29 languages. iSIGHT has invested nearly $100 million over eight years to build out its cyber intelligence capability. The company is based in Dallas.
FireEye said the acquisition positions it as the world’s most advanced and comprehensive private cyber threat intelligence operation, with the size and scope of the combined FireEye, Mandiant and iSIGHT cyber threat intelligence capability rivaling the largest intelligence operations in the world.
Customers of both companies will benefit from lower business risk through higher fidelity alerts, context to prioritize threats and the strategic insights to proactively prepare for threats that might target their industry or region. Existing iSIGHT customers will continue to have access to iSIGHT products. FireEye plans to add new intelligence subscription models that include industry vertical specific slices, similar to FireEye’s planned offerings with Visa, so existing and new customers will be able to purchase new threat intelligence products tailored to their organization’s specific threat profile.
FireEye’s existing customer base will see immediate value in their existing subscriptions through increased protection from the iSIGHT intelligence network, which will feed core threat intelligence into the DTI ecosystem that is continually refreshed every 60 minutes.
“This acquisition extends FireEye’s intelligence lead with an offering no one else in the industry can match,” said David DeWalt, FireEye chief executive officer and chairman of the board. “The biggest mistake most people make is thinking threat intelligence is a collection of virus definitions in a shared database. Forward-looking security organizations - from governments to the private sector - know threat intelligence is the key to establishing a robust security posture tuned for the threats targeting each organization. As the cyber operations become integrated with physical, geopolitical and competitive conflict, an intelligence-led approach to security will be key in detecting the most sophisticated threats and responding to them quickly and effectively.”
“Until now, only governments and large enterprises have been able to achieve intelligence-led security, but with the combined resources of FireEye, Mandiant and iSIGHT, we can make the benefits of intelligence-led security available to a broad range of organizations,” said John Watters, iSIGHT’s founder and chief executive officer prior to the acquisition. “We’re bringing iSIGHT together with intelligence teams inside of FireEye and Mandiant that are among the best in the industry, fusing victim-based intelligence with attacker-based, over-the-horizon insights derived from iSIGHT’s global cyber-threat ecosystem. When coupled with the technology and services of FireEye and Mandiant, this intelligence capability is a game changer for the industry and enables an intelligence-led security model that other security companies will be hard pressed to replicate.”
FireEye acquired privately held Mandiant in a transaction valued at around $1 billion. The deal consists of
21.5 million newly issued shares (NASDAQ: FEYE), options to purchase shares of FireEye stock, and approximately $106.5 million of net cash to the former Mandiant security holders.
Mandiant is a leading provider of advanced endpoint security products and security incident response management solutions. It has more than two million endpoints installed globally. The solution is designed to tell a company when it has been compromised and what the material impact of the breach is. The company was founded in 2004 by Kevin Mandiant and is based in Washington, D.C..
The acquisition, which recognizes the ever-increasing intensity of cyber attacks and follows nearly two years of collaboration, creates the industry’s leading advanced threat protection vendor with the ability to find and stop attacks at every stage of the attack life cycle. The transaction closed on December 30, 2013.
The combination of FireEye and Mandiant brings together two highly complementary companies, each a recognized leader and innovator in security, and creates an organization uniquely qualified to meet organizations’ needs for real-time detection, contextual threat intelligence, and rapid incident response.
FireEye offers a purpose-built, virtual machine-based Multi-Vector Virtual Execution (MVX) engine that conducts signature-less analysis atop a patented, virtualization technology purpose-built for security. The MVX engine is designed to provide scalable, accurate, and timely protection across the primary threat vectors - Web, email, file, and mobile.. FireEye now has more than two million virtual machines deployed worldwide, providing real-time, dynamic threat protection to more than 1,500 government, enterprise, and small and mid-sized customers.
Mandiant’s endpoint products are already integrated with the FireEye platform. The companies have been collaborating for 2 years.
FireEye said the combined organization unifies the critical components required to provide state-of-the-art cyber security: the most complete library of actionable threat intelligence on advanced threats and a product suite that can apply that intelligence to detect and prevent attacks on both the network and on endpoints.
“Organizations today are faced with knitting together a patchwork of point products and services to protect their assets from advanced threats,” said David DeWalt, chairman of the board and chief executive officer of FireEye. “Together, the size and global reach of FireEye and Mandiant will enable us to innovate faster, create a more comprehensive solution, and deliver it to organizations around the world at a pace that is unmatched by other security vendors.”
http://investors.fireeye.comhttps://www.mandiant.com
In February 2013, A highly publicized report from Mandiant, a security consulting firm based in Arlington, Virginia, linked cyber attacks on over 140 U.S. corporations to a specific unit of China's People's Liberation Army.
The report, called "APT1: Exposing One of China’s Cyber Espionage Units," details how it has the PLA's Unit 61398 systematically carried out spear-phishing attacks and stole confidential data from leading companies across multiple industries. Mandiant claims the widespread attacks are on-going.
In addition to describing the methodology of the attacks, the Mandiant report provides domain names, MD5 hashes of malware and X.509 encryption certificates associated with the attackers.
