In a deal that could have broad repercussions for companies and governments fending off
sophisticated hackers and state-sponsored digital attacks, FireEye, a provider of security
software, has acquired Mandiant, a company known for emergency responses to computer-network
breaches.
The deal, in both cash and stock, is worth more than $1 billion, based on the current value of
shares in FireEye.
The acquisition, which closed last Monday but was not publicly announced until after the markets
closed on Thursday, was the biggest security deal of 2013. It merges two darlings in the $67
billion global computer-security market that together could form a formidable competitor to
antivirus giants such as Symantec and Intel’s McAfee.
David G. DeWalt, FireEye’s chairman and chief executive, ran McAfee before it was sold to Intel
in 2010. DeWalt was rumored to be a contender for the top job at Intel, but he surprised company
insiders when he left to join FireEye in 2012.
Mandiant is best known for sending in emergency teams to root out attackers who have implanted
software into corporate computer systems. Much of its work focused on attacks from China.
The combination of the two companies — one that detects attacks in a novel way, another that
responds to attacks — comes at a moment when corporate America is increasingly wary of relying on
the federal government to monitor the Internet and warn of incoming attacks.
That wariness has increased since the revelations of Edward Snowden, the former National
Security Agency contractor who removed thousands of documents before he took temporary refuge in
Moscow.
“After the Snowden events, in the current political climate no one can say to the government, ‘
Please, come on in and monitor our networks,’” said Kevin Mandia, the founder of Mandiant, who is
becoming chief operating officer of the combined company.
FireEye’s success has depended on a technology for detecting attacks that works quite
differently from most antivirus products. FireEye’s software isolates incoming traffic in virtual
containers and looks for suspicious activity in a sort of virtual petri dish before deciding
whether to let the traffic through.
0 comments :
Post a Comment